Wireless Access

Reply
Contributor II
Posts: 58
Registered: ‎09-22-2011

Missing Configuration

Hi, Im trying to know why a role is been derivated to my users even if I dont have any server grup role derivation rule or user rules.

 

In the nps we are sending the Vendor-specific value for two different users group.

 

Groups 

1.- Vendor-Specific: Internal

2.- Vendor-Specific: VIP

 

On the cntroler we don´t have any rule to derivate this but for some reason our users are getting respectively Internal or VIP.

 

And They are not getting the 802.1X Authentication Default Role on the aaa profile they still getting Internal or VIP  this roles are not used in an  aaa profile.

 

 

AOS: 6.1.3.1

Windows Server 2008

 

 

Thanks in advance. 

Guru Elite
Posts: 21,272
Registered: ‎03-29-2007

Re: Missing Configuration

Turn on user debugging and find out why.

 



Colin Joseph
Aruba Customer Engineering

Looking for an Answer? Search the Community Knowledge Base Here: Community Knowledge Base

Aruba Employee
Posts: 664
Registered: ‎04-15-2009

Re: Missing Configuration

If you send back Aruba-User-Role, you don't need a server derivation rule.  The controller will automatically use the value of the VSA as the role (assuming the value exists as a role).  Are you using the Aruba-User-Role VSA?

Contributor II
Posts: 58
Registered: ‎09-22-2011

Re: Missing Configuration

I don't know if we are ussing Aruba-User-Role VSA,  I'm taking control of a deployed base then I'm getting knowledge of it.

 

Let Me check and when i got the answer I'll post it.

 

Thanks 

 

Contributor II
Posts: 58
Registered: ‎09-22-2011

Re: Missing Configuration

Ok, I will turn on the debugging and will post the output.

Thanks

Search Airheads
Showing results for 
Search instead for 
Did you mean: