Active Directory Group Policy mappings when Meraki MX is not the default Gateway. . .
I have a customer who is unable to apply policy-based rules in his Meraki MX. He is saying the MX does not recognize authenticated users from Active Directory. Is there anyone who has Group Policies working on an MX, where there is no layer 2 visibility, and the Meraki is tracking clients by IP address?
Any suggestions would be helpful? All the Domain Controllers are showing up green in the dashboard. . .
The MX utilizes Microsoft's Windows Management Instrumentation (WMI) service to pull a continuous stream of Logon Security Events from specified Domain Controllers in the Active Directory domain. These security events have critical information that tells the MX which user accounts are logged into which computers. Specifically, the events contain the IP address of the computer and the Windows username of the logged on user.
However is it possible for you to test the AD Integration by changing the mode to "Track by MAC Address" and directly plugging a PC on to the MX.