Which method is the best practice to block the Active Directory (AD) user access the wireless network? Configure on it Microsoft NPS or Aruba controller policy?
Now my customer authenticate through 802.1x by using NPS and AD. If configure at Aruba controller it is add block list under "Authenticated" profile?
Please advise
Just want to block specific user on wlan network.
You should blacklist that user's device. If you are using an AD group to provide access to the WLAN, you should remove that user from that AD group.
They don't have AD group to provide wlan access.
If my customer's end users has multiple device, then have to blacklist few times for each user.
Does it good practice create a group on Aruba controller to block end user?
You would block access via group on the NPS server in the remote access policy. NPS is not very flexible, so blocking a single user is difficult, unless you are allowing access via a specific AD group and that user is not in the group.
How to permenantly blacklist the end user device? Because i did try to blacklist the user devices but it only can blacklist 60 minutes.
http://community.arubanetworks.com/t5/Controller-Based-WLANs/How-to-blacklist-users-permanently/ta-p/175712
© Copyright 2024 Hewlett Packard Enterprise Development LPAll Rights Reserved.