Team-
First. Thank you.
We revisited our auth source and added an attribute to an exisiting filter called Webdn called userAccountControl. We then removed the following from the ldap query (!(userAccountControl:1.2.840.113556.1.4.803:=2)) leaving only this (&(sAMAccountName=%{Endpoint:Username})(objectClass=user).
We then revisited out enforcement policy for mac caching and added a condition
Authorization:AD Domain userAccountControl=514
Enforcement profile: Radius(Deny Access Profile)
We authenticated via Captive portal. We then Authenticated via MAc Caching. We disabled in AD.
Test did not work. We were still able to authenticate via Mac Caching. We cleared cache for the authentiction source and re tested. Success. We were denied access and returned to the captive portal.uccess
Thanks to the team of Airheads helping me out. One more question?
What is the interval for clearing cache on auth sources? Is it automated and can it be changed?
Thank you again....