I am currently running that configuration. I set it up a long time ago and may not be able to help much, but feel free to ask, I will certainly try to help.
I followed everything described in KB 62804 https://mysupport.mcafee.com/Eservice/templatepage.aspx?sURL=3&pl=0
but it didn´t work. Is there some kind of trick not described in here?
Furthermore, when I check the users authenticated in the POLICY -> RULE ELEMENTS -> AUTHENTICATORS -> PASSPORT -> MANAGE PASSPORTS, I and see that, in the external group field, there is just a number zero, instead of the group member information.
Can you please help me with that?
I replied to Juliano offline, but just to update the forum with the solution as well:
The MLC can support multiple domains, so when the Firewall gets user and group information we add the domain at the end to differentiate what users/groups exist on each domain. As a result the smartfilter policy needs to reflect the user groups with the full domain. When configuring the Smartfilter policy you need to add the @domain_name at the end of the groups and it should work.
Hi Dgold, Can you tell me where do you add the @domain_name in the Smartfilter policy configuration. I don't find that on Smartfilter administered from Admin Console.
If you are administering Smartfilter from the Firewall Admin Console, the configuration of groups is done in another location. You can add groups in multiple ways, but I would try from the rule itself. If you click on "Users and Groups" and then click the plus sign to add a new "External Group".
Hope this helps,