Out of curiosity, is this need related to accommodating different security requirements for student workers given time-of-day (and/or location) ?
On 10/13/2010 5:26 PM, Jeremy Wood wrote: > Hey Pete, > > I'm going off the cuff here as I've never done this before and I'm not > sure what you are running there for auth servers but we're using ACS > here and there is an option to do "Time Bound Alternate Groups" > per-user or group. If you used a RADIUS server to do you're > authentication you could probably use the attributes returned to NAC > to craft an authentication rule that would do this. > > However, If you're using AD you are probably out of luck using just > NAC. You could write a powershell script + scheduled task to move the > user between groups in AD and then use NAC to map via those groups. > > --Jeremy > > On Wed, Oct 13, 2010 at 16:12, Pete Boynton <[email protected]> wrote: >> Has anyone ever done this?: >> >> >> >> I have a user who is on VLAN XXX from 08:00 to 20:00. Any time after that I >> don’t want him on VLAN XXX anymore. He needs to be on VLAN YYY. >> >> >> >> >> >> >> >> Thanks >> >> >> >> Higher One >> 25 Science Park >> New Haven CT, 06511 >> (203) 776-7776 x 4442 >> >> (203) 804-8896 cell >> >> > -- - Anthony Maszeroski, CCNA, CISSP ----------------------------------- Information Security Manager The University of Scranton email : [email protected] phone : 570-941-4226 -----------------------------------
