03-05-2013 08:42 AM - edited 07-03-2021 11:40 PM
I am testing an ISE 1.1 with active directory. I have it mostly working. I am trying to setup rules that say if you connect to our wifi with a username from active directory and your PC is a member if the domain you get put on our internal wifi vlan. I can't seem to get the ISE to check to see if the computer has an account on our domain. Any quick tips?
Sent from Cisco Technical Support iPhone App
Solved! Go to Solution.
03-05-2013 09:00 AM
You have to use MARS. I don't use that because you have to be careful when the timeout hits. Here is the guide if you want to give it a try. Just remember, the Windows 7 machines send the machine authentication when it first boots up and never again, so all you will see is user credentials come through.
http://www.cisco.com/en/US/docs/security/ise/1.0/user_guide/ise10_man_id_stores.html#wp1079177
Thanks,
Scott
Help out other by using the rating system and marking answered questions as "Answered"
03-05-2013 09:00 AM
You have to use MARS. I don't use that because you have to be careful when the timeout hits. Here is the guide if you want to give it a try. Just remember, the Windows 7 machines send the machine authentication when it first boots up and never again, so all you will see is user credentials come through.
http://www.cisco.com/en/US/docs/security/ise/1.0/user_guide/ise10_man_id_stores.html#wp1079177
Thanks,
Scott
Help out other by using the rating system and marking answered questions as "Answered"
Find answers to your questions by entering keywords or phrases in the Search bar above. New here? Use these resources to familiarize yourself with the community: