I have an installed base of ACS 5.1 and MS AD. Some users are allowed to dial-in via VPN based on the attribute "msNPAllowDialin=True" within AD while others have no permission.
Whenever ACS send an LDAP-request to AD to retrieve the attributes it gets the value of msNPAllowDialin=false according to the following report.
Device IP Address=172.27.60.20
I would like to use this attribute via authorization-policies to grant or deny access via VPN.
I'm running patch-level 18.104.22.168.3.
is this a known bug or do I miss something ?
Any support is very much appreciated