Extreme Networks

Tiago_Moreira · ‎12-09-2015

Hello,

We have a NAC installed with Portal and Authenticated Registration.
However, we want to restrict the authenticated users to a single group in LDAP.
We followed the procedure from the video tutorial, with the User Group to End System Mapping but apparently all users from the AD are able to login instead of restricting it to the LDAP group we want.
How can we make that configuration so that only the users from a certain group can login?

Thanks in advance!

Joseph_Burnswor · ‎12-09-2015

I have done this in the past. What you would want to do is, create a new "Web Authenticated Users" (Name it however you see fit) rule. Once created, there is a gear button above the rules and will let you do advanced ordering. With the advanced ordering you can move your newly created rule above the default "Web Authenticated rule. Just make sure that in your new rule, you have the user group specified as a match criteria.

If you have any other questions about this, ill be more than happy to help

Tiago_Moreira · ‎12-09-2015

I already looked at that topic, but as Michael Kirchner replied, the Web Authenticated Users don't go by that rule.
The configuration is specific in the Portal Configuration, and we already mapped the user group to end system group but the issue is that it allows all users from all groups.

Ronald_Dvorak · ‎12-09-2015

Hi,

please take a look into this post and let us know whether that solved the problem...

https://community.extremenetworks.com/extreme/topics/nac_web_authenticated_registration

-Ron

Extreme Networks

NAC Manager Portal Web Authentication

NAC Manager Portal Web Authentication