Did you figured this out yet? I have done this.
I still not figure it out yet. this is killing me. appreciate you can provide the s tample of it? Many Thanks!
See attached ruleset. This will work using the authentication server, and if the user fails auth, it will set the username to "RestrictedUser" for the failed user.
You can then build policy around the user using my policy guide: https://community.mcafee.com/docs/DOC-2210
There may be some tweaks you can make to the attached ruleset to make it work better how you like, but it should do the trick. Keep in mind with this ruleset you will get prompted at least once.
tryauthserver.xml 34.7 K
Million of Thanks. will try it out soon.