03-05-2013 08:42 AM - edited 07-03-2021 11:40 PM
I am testing an ISE 1.1 with active directory. I have it mostly working. I am trying to setup rules that say if you connect to our wifi with a username from active directory and your PC is a member if the domain you get put on our internal wifi vlan. I can't seem to get the ISE to check to see if the computer has an account on our domain. Any quick tips?
Sent from Cisco Technical Support iPhone App
Solved! Go to Solution.
03-05-2013 09:00 AM
You have to use MARS. I don't use that because you have to be careful when the timeout hits. Here is the guide if you want to give it a try. Just remember, the Windows 7 machines send the machine authentication when it first boots up and never again, so all you will see is user credentials come through.
http://www.cisco.com/en/US/docs/security/ise/1.0/user_guide/ise10_man_id_stores.html#wp1079177
Thanks,
Scott
Help out other by using the rating system and marking answered questions as "Answered"
03-05-2013 09:00 AM
You have to use MARS. I don't use that because you have to be careful when the timeout hits. Here is the guide if you want to give it a try. Just remember, the Windows 7 machines send the machine authentication when it first boots up and never again, so all you will see is user credentials come through.
http://www.cisco.com/en/US/docs/security/ise/1.0/user_guide/ise10_man_id_stores.html#wp1079177
Thanks,
Scott
Help out other by using the rating system and marking answered questions as "Answered"
Discover and save your favorite ideas. Come back to expert answers, step-by-step guides, recent topics, and more.
New here? Get started with these tips. How to use Community New member guide