Tuesday, December 12, 2017

Anybody know how to get Cisco ISE to use AD OUs instead of AD Security Groups?

I'm working on that solo ISE deployment for our corporation and had what I thought was a working dot1x setup, since dot1x was passing authentication and successfully applying the appropriate dACL and all that jazz.

Trouble is, I discovered along the way that ISE, by default, only uses security groups out of Active Directory for user group assignments, but our AD is structured using Organizational Units. I found a rather unhelpful article from 2012 that suggests using regex to search for distinguishedName to find a user in an OU, but it isn't well written, the syntax in the article doesn't match the referenced syntax in the sample screenshot, etc.

Is there an actually useful guide for using OUs in ISE, or is this simply not supported at all?

Any help is appreciated.


