12-09-2016 11:05 AM - edited 12-09-2016 11:06 AM
I have configured Server Role Derivation for 802.1X with enfroced machine authentication. I works fine for computers and users that are members of Microsoft domain, with role mapping based on returned by NPS standard attribute (not Aruba VSA).
But I have just a few MAC OSX laptops, that (from many reasons) are not members of domain (no machine account, only user&pass), and I would like to be able, also to map them on different role, after successful 802.1X authentiaction based on user & pass only (machine auth fail).
Will returning Aruba VSA attribute (Aruba-User-Role) take precedense and assign returned in VSA attribute role to a user on a MAC OSX that passed only user auth and failed machine auth, with Enforce Machine Authentication option enabled in a profile?
12-09-2016 11:15 AM
Aruba Customer Engineering
Looking for an Answer? Search the Community Knowledge Base Here: Community Knowledge Base