Active Directory Group Policy mappings when Meraki MX is not the default Gateway. . .

hilehoffer
Here to help

Active Directory Group Policy mappings when Meraki MX is not the default Gateway. . .

I have a customer who is unable to apply policy-based rules in his Meraki MX.  He is saying the MX does not recognize authenticated users from Active Directory.  Is there anyone who has Group Policies working on an MX, where there is no layer 2 visibility, and the Meraki is tracking clients by IP address?

 

Any suggestions would be helpful?  All the Domain Controllers are showing up green in the dashboard. . . 

 

Thank you,

 

 

1 REPLY 1
AjitKumar
Head in the Cloud

Hi @hilehoffer 

I vaguely remember this does work and was tested for one of my client.

I not too sure though.

Also the following Url suggests the same.

https://documentation.meraki.com/MX/Content_Filtering_and_Threat_Protection/Configuring_Active_Direc...

 

Excerpts from above thread.

 

The MX utilizes Microsoft's Windows Management Instrumentation (WMI) service to pull a continuous stream of Logon Security Events from specified Domain Controllers in the Active Directory domain. These security events have critical information that tells the MX which user accounts are logged into which computers. Specifically, the events contain the IP address of the computer and the Windows username of the logged on user.

 

However is it possible for you to test the AD Integration by changing the mode to "Track by MAC Address" and directly plugging a PC on to the MX.

Regards,
Ajit
AjitsNW@gmail.com
www.ajit.network
Get notified when there are additional replies to this discussion.
Welcome to the Meraki Community!
To start contributing, simply sign in with your Cisco account. If you don't yet have a Cisco account, you can sign up.
Labels