https://community.cisco.com/t5/network-access-control/ise-wired-tls-with-group-mapping/m-p/2419332#M88698 <HTML><HEAD></HEAD><BODY><P>You should be able to do this, as long as the cn name is in the corrext format which for computer certificates it ahould be fine. Setup the ldap external store, find the grouo and map that to your authz policy.<BR /><BR /><BR />Sent from Cisco Technical Support Android App</P></BODY></HTML> Thu, 16 Jan 2014 13:24:30 GMT Tarik Admani 2014-01-16T13:24:30Z https://community.cisco.com/t5/network-access-control/ise-wired-tls-with-group-mapping/m-p/2419331#M88688 <P>Hi. We authenticate wired clients using EAP-TLS with Computer Certificates. This works fine so far. Now we need an authorization with LDAP and set the VLAN based on the AD Group of the Computer. Is there a way to use the CN of the Certificate and retrieve the Attributes of the Client over LDAP?</P><P>Does anybody know how this could be done?</P><P>Regards,</P><P>Urs</P> Mon, 11 Mar 2019 04:17:13 GMT https://community.cisco.com/t5/network-access-control/ise-wired-tls-with-group-mapping/m-p/2419331#M88688 tsgruu2000 2019-03-11T04:17:13Z https://community.cisco.com/t5/network-access-control/ise-wired-tls-with-group-mapping/m-p/2419332#M88698 <HTML><HEAD></HEAD><BODY><P>You should be able to do this, as long as the cn name is in the corrext format which for computer certificates it ahould be fine. Setup the ldap external store, find the grouo and map that to your authz policy.<BR /><BR /><BR />Sent from Cisco Technical Support Android App</P></BODY></HTML> Thu, 16 Jan 2014 13:24:30 GMT https://community.cisco.com/t5/network-access-control/ise-wired-tls-with-group-mapping/m-p/2419332#M88698 Tarik Admani 2014-01-16T13:24:30Z