Applies an AD (Active Directory ) group filter to this user-defined role. A wireless client can be a member of more than one group within the AD database. This command applies a AD group based firewall, which applies a role to a wireless client only if it belongs to the specified AD group.

Supported in the following platforms:

  • Access Points — AP505i, AP510i/e, AP560i/h
  • Service Platforms — NX5500, NX7500, NX9500, NX9600, VX9000


memberOf <AD-GROUP-NAME>


memberOf <AD-GROUP-NAME>

memberOf <AD-GROUP-NAME>

Applies this user-defined role to a client only if the client belongs to the specified AD group

  • <AD-GROUP-NAME> – Specify the AD group name.


rfs4000-229D58(config-role-policy-test-user-role-test)#memberOf ADTestgroup
rfs4000-229D58(config-role-policy-test-user-role-test)#show context
 user-role test precedence 1
  assign vlan 1
  assign rate-limit to-client 200
  memberOf ADTestgroup

Related Commands


Removes the AD group assigned to this user-defined role