I guess the part i'm most tripped up on is the following:
When going from a basic AAA profile and the default 802.1x role, how does the controller discern if a client is going to get either the default Machine role, or the default User role.
I've taken the exam a couple times and been confused by this. I did boot camp, and wouldn't you know i rolled an unbelievable insomnia week the week of the course and some parts are foggy.
I understand enforce machine authentication plays a role here, but i'm still not sure how the controller decides if the client is going to get the machine role or the user role. I realize that the machine role is given if a user hasn't authenticated against something(say an idle machine at the Ctrl Alt Del screen). But if enforce is turned on what takes precedence if at all?
I also understand that a VLAN Role (Trusted/untrusted port) trumps a AAA profile as well, but i'm still not 100% clear on some of this. Even a link to the appropriate page in the userguide would be helpful at this time.