Security

last person joined: yesterday 

Forum to discuss Enterprise security using HPE Aruba Networking NAC solutions (ClearPass), Introspect, VIA, 360 Security Exchange, Extensions, and Policy Enforcement Firewall (PEF).
Back to discussions
Expand all | Collapse all

Role Derivation with MAC CACHING.

This thread has been viewed 0 times

  • 1.  Role Derivation with MAC CACHING.

    Posted Feb 14, 2018 05:55 PM

    Hi Guys. 

     

    Firts off , thank for take the time to read the post. 

    I have a Captive portal with Mac Caching service for a college with Active directory, firts time a unknown device will be falling in the captive portal,  then is the user exist  and based in a Type_Of_User attribute in AD domain we can derivate many diferents rols and send them back to the controller, this works fine, but the next time a user get into the wifi network the one only role we get is Guest, I need to change the MAC ADDRESS for THE USERNAME to ask again if this username exist in the AD to derivate the role again but in MAC CACHING service. 

     

    any suggestion guy ?    is possible to change the attribute MAC address for smaaccount in the MAC caching authentication source,  anybody has faced this scenario.. 

     

    thanks sorry for my bad English.

     

     



  • 2.  RE: Role Derivation with MAC CACHING.

    EMPLOYEE
    Posted Feb 14, 2018 05:57 PM

    So you want to check AD for every subsequent MAC authentication?



  • 3.  RE: Role Derivation with MAC CACHING.

    Posted Feb 15, 2018 01:42 AM

    Hi Tim. 

     

    yes, we need to derivate roles with Mac Caching service to maintain the same experience of role derivation like Guest Portal, this because there ara student, researchers, professors and many other type of users in the campus.