10-13-2016 10:58 PM
Kindly need your advise,
I already integrated Clearpass and AD. and i have 2 group. Group A and Group B.
User Group A are User1 and User2
User Group B are User100 and User200
Group A will get Role A => VLAN A
Group B will get Role B => VLAN B
and the configuration already running well.
But , when i move user1 from group A to Group B, why the user1 still have Role A and VLAN A. I already remove on Group A and move to Group B.
Can i make that change real time or quickly ?
Kindly need your advise
Solved! Go to Solution.
10-14-2016 02:09 AM
You need to change to cache timeout for your AD servers. In my lab example below I have this to zero.
If my post is helpful please give kudos, or mark as solved if it answers your post.
ACCP, ACCX #817, ACMP, ACMX #294
10-17-2016 12:39 AM
If you set that to 0 CPPM will look up a group membership on every authentication using LDAP. While a radius server can handle so many queries/second, typically handle as many. The end result could be many delayed authentications, as a result.
Aruba Customer Engineering
Looking for an Answer? Search the Community Knowledge Base Here: Community Knowledge Base