Windows Services Setup Guide

ADConnector is used to enable Single Sign-On capability to domain Windows and Macintosh devices and MetaAccess NAC without the need for a Policy Key.

The DHCP Syslog service provide IP address to MAC address correlation data enabling the ability to persist device details across multiple sessions.

The OPSWAT AD Connector has been introduced to collect all AD Sign-on events from one or more Active Directory Services (supports Windows Server 2003 and Windows Server 2008, and Server 2012). The sign on events will be sent from the Active Directory Servers to the MetaAccess NAC Policy Manager for Single Sign-On and Device Ownership assignment.

As of the 6.01 release of MetaAccess NAC, domain member Windows and Macintosh machines no longer require a policy key to use domain style single sign-on. This release also adds the device attribute feature. Domain machines can now be place into Policy Groups based on attributes defined for the device in Active Directory.

How MetaAccess NAC leverages DHCP information

Device Persistence: DHCP data provides the necessary mac address information to allow MetaAccess NAC to track a single device after multiple IP lease expiration. The result is that users have the ability to more easily use their devices after leaving the network and returning later.

Policy Enforcement by Mac Address: With DHCP information, enforcement for non-Policy Key devices can be applied based on a mac address. In most environments, a mac address is much more reliable since IP assignments change over time.

Device Enrollment: MetaAccess NAC provides the ability to enroll network-enabled media and gaming devices. Before this functionality can work, MetaAccess NAC must have a reliable source, such as DHCP, for obtaining mac address information for these devices.

The Purpose of this document is to outline the steps required to configure an Active Directory environment to Single Sign-On domain member Windows and Macintosh machines to a MetaAccess NAC system and send device specific attributes to MetaAccess NAC and to configure a Windows DHCP server to forward DHCP syslog to a MetaAccess NAC environment.

##

Type to search, ESC to discard
Type to search, ESC to discard
Type to search, ESC to discard
Next to read:
AD Connector Installation and Configuration
On This Page
Windows Services Setup GuideHow MetaAccess NAC leverages DHCP information