Solved: Re: Placing clients in untrusted after log off of AS SSO

sganpat · ‎05-21-2010

I have a L3 OOB NAC deployment with AD SSO. Users are mapped to different roles depending on OU membership and then to different VLANs. What happens is that if a user with a certain role logs on to a client and is palced in his VLAN, say VLAN10, and then logs off the PC, the PC stays in VLAN10.

Another user from a different role now comes along and logs onto that same PC stays in that same VLAN, but really needs to move to another VLAN because he/she has a different role.

If the system is rebooted then everything works fine as the SNMP linkdown trap is sent to the NAM.

How can I cause the clients using AD SSO change the role of the port to unauthenticated when they log off the system? I know that this can work with in-band but i don't know if it can be done with OOB.

Faisal Sehbai · ‎05-21-2010

Sachin,

OOB Logoff feature is coming in 4.8, due out in late summer. Currently what you're looking to do can't be done.

HTH,

Faisal

View solution in original post

Faisal Sehbai · ‎05-21-2010

Sachin,

OOB Logoff feature is coming in 4.8, due out in late summer. Currently what you're looking to do can't be done.

HTH,

Faisal

sganpat · ‎05-22-2010

Thanks for the info. I'll look out for that.