Hi Eddie
I have never tried to send Aruba VSA with NPS, I'm always work with ClearPass. But I found this:
https://learn.microsoft.com/en-us/azure/virtual-wan/user-groups-radius
It describes how to send VSA's from NPS. After a quick read through I think you can follow this until point 11 and in 12 you have to modify the values to send.
If you would like to send an Aruba-User-Role the Vendor-assigned attribute number is 14823 and the attribute value is 1.
Please also check out this thread:
https://community.arubanetworks.com/discussion/radius-authentication-using-ms-nps-server
PS.
To search in the community you have a magnification glass icon in the top right corner, or you can go to: https://community.arubanetworks.com/search
------------------------------
Best Regards
Jonas Hammarbäck
MVP Guru 2024, ACEX, ACDX #1600, ACCX #1335, ACX-Network Security, Aruba SME, ACMP, ACSA
Aranya AB
If you find my answer useful, consider giving kudos and/or mark as solution
------------------------------
Original Message:
Sent: Jul 03, 2024 03:42 PM
From: eddie_ma
Subject: primer / refresher on MS NPS for config of User Role to A.D. user - for 7200 / 8.10.x - non-Clearpass
good day folks , so i dont quite see HowTo do a Search in these Community (must be a way !) , so my apologies for this new thread.
is there a good primer / tutorial on HowTo do a MS NPS config that'll provide a UserRole that can apply to an ActiveDirectory user....such that we can build-up an DESTINATION-IP ACL in 7200 controllers (VMM at 8.10.x ) , enforced to whichever UserRole that we create ?
thanks for any feedback ....
Happy 4th , to those in America ....
Eddie