Cisco Support Community
cancel
Showing results for 
Search instead for 
Did you mean: 
Community Member

ACS 5.1 - Allocate vlan to port based on group nam in ldap

Hello,

In my 802.1X environment, I have pc's that authenticate with machine certificates against ACS5.1. This works fine.

Now I want to allocate the vlan number based on the group in ldap.

My ldap connection is working fine, and I have configured an extra attribute 'memberOf', so I can use it int the Access Policies.

I have tried with 2 Access Service Authorization rules for 802.1X service, that says:

- memberOf=OU=Groupname, dc=domain,dc=com

- memberOf=Groupname

However, both rules are not hit, while the group name does exist in the ldap attributes

Can you advice how to configure the authorization rule ?

thx Karien

238
Views
0
Helpful
0
Replies
CreatePlease to create content