Controller Based WLANs

What is the command to force an instant role change?

Product and Software: This article applies to all Aruba controllers and ArubaOS versions.

 

Normally, a new user-role for an authenticated user is not applied to the user while the user is authenticated and is connected to the network, unless it is forced to authenticate again.

 

For example, a captive-portal user is falling into the default user-role "guest". When we change the default-role for captive-portal to "default-vpn-role", this change will not be applied to this user unless it reauthenticates. 


But, there is way to change the user-role instantly without having the user to reauthenticate. This is done by issuing the "aaa user add <users IP address> role <rolename>" command. 


This user-role is applied to the user instantly and it stays until the next authentication.

 

 

 

Version History
Revision #:
1 of 1
Last update:
‎07-10-2014 06:51 AM
Updated by:
 
Labels (1)
Contributors
Comments
Adnan

How do we enforce role change for a client which has not yet acquired an IP?

 

(WLC_0002) #show station-table

Station Entry
-------------
MAC Name Role Age(d:h:m) Auth AP name Essid Phy Remote Profile
------------ ------ ---- ---------- ---- ------- ----- --- ------ -------

00:19:be:30:95:a9 denyall 00:00:08 No OAP-0003 CMS g-HT No CMS-aaa_prof

Search Airheads
Showing results for 
Search instead for 
Did you mean: 
Is this a frequent problem?

Request an official Aruba knowledge base article to be written by our experts.