Hi
Heres a complete rundown of how i have guessed it maybe done -
Hi All
As previous posters may have noticed i have been given the task of moving the ACS
from 4.0 to 5.3 which turns out to be considerably different.
Sadly i have nothing to test with at the moment so am trying to work it out as best i can
before the abbreviated period of cutover begins.
I have a Service Desk group setting in 4.0
Under groups i have the group settings and down the bottom i have the following -
(ticked ) Wireless-WCS HTTP
(ticked ) Custom Attributes
Then in the box -
virtual-domain0=CRUK
role0=LobbyAmbassador
task0=Configure Guest Users
task1=Lobby Ambassador User Preferences
Fine but that doesnt translate directly into any 5.3 settings.
I assume that i would do the following
In policy elements create a shell profile (Service Desk) with the following settings -
Privilege level 0
Custom attributes
Manually entered -
attribute requirement Value
virtual-domain mandatory virtual-domain0=CRUK
role mandatory role0=LobbyAmbassador
task0 mandatory task0=Configure Guest Users
task1 mandatory task1=Lobby Ambassador User Preferences
submit that and then go to -
Access Policies/default device admin/Authorisation
Create a new Rule
Add the correct AD group in compound condition AD-AD1 attribute ExternalGroups value static
in NDG:Device Type - reference the WLC (previously created as device type with ip address)
Then in Results reference the above shell profile - Service Desk.
Sorry about the longevity but if this looks ok or rubbish can someone let me know as i wont
have much time to get it working with the real wireless
Thanks in advance
Steve
