My topology : Wireless user -> WLC 2504 -> Cisco ACS 5.6 (Joined and Connected AD) -> Microsoft AD (2012)
I want to authenticate wireless user by using Microsoft AD and Cisco ACS 5.6.
I create MAC address of user in Microsoft AD and create identity rule by selecting "Calling-Station-ID" in "RADIUS-IETF" dictionary equal MAC Address or mac-attribute and so on.
However, ACS cannot find MAC Address in Microsoft AD that give me the error message "22056 Subject not found in the applicable identity store(s)."
I try many RADIUS-IETF attributes but I got same error message.
For more information, please see attached files.
Are you using a controller? I have 50K users that auth via ad on our wirless.
this is what I use:
|Default Network Access|
CTS Security Group:
the above was from a client that passed auth. my mevo auth profile is a simple
attribute cisco-av-pair type string attribute value static pki:cert-application=all
under access policies and default network access.
I have it customized and have these fields. < see attached>