Hi gurus,
My customer has a policy in his AD which locks an account when a client reaches 10 authentication attempts. One user has changed his password, but it seems one device has saved permanently the old password and this device is constantly to authenticate the user, so the account gets locked. In order to solve the problem I want to deny this device by its MAC address according to Colin's answer of this thread:
http://community.arubanetworks.com/t5/Security/Blacklisting-clients-based-on-MAC-address/td-p/86182
This is the situation in Access Tracker:
I have added a rule (the first one) which deny MAC address 047970C12A01 in the service. I have added that MAC address in a Static Host List. These are the role and enforcement tabs in the service:
But after doing this changes, I can see the device keeps trying to authenticate in Access Tracker as always, and ClearPass lets the device to authenticate.
What can happen? Is anything misconfigured?
Regards,
Julián