I have set up Cisco WLAN using 802.1X with Microsoft NPS and it is capable of authenticating user against security groups on AD. In my case i am having 2 different network policies, one for computer where as the other one for user. My problem is that policy works sequentially as an OR statement instead of AND statement. Due to this mess users can logon from an invalid computer as well. I just want user on domain computer in security group to logon and not any invalid computer. what are my options for the same???
Bookmarks