We were able to track this down to a switch configuration problem. the switch was only 
sending SNMP trap information to the old CAM and not the new one. Once we corrected this 
it worked as it had in our test environment. Sorry to have asked for naught (maybe this 
post will help someone else someday?)

--
Isabelle Graham
Information Security
American University

Isabelle Graham wrote:
> We are working on a layer 3, out of band deployment for portions of our 
> network. We had set up a fully functional model in our test network 
> using one of our production CAS pairs. We recently moved the CAS pair 
> from the test CAM back to the production CAM and added the port and 
> switch profiles, as well as the production switch (which was also used 
> in testing). Since this migration none of the devices on CCA controlled 
> ports are showing up in the Discovered Clients table, the Certified 
> Devices table nor the Online Users table. As a result, the users could 
> not be decertified and were allowed constant access. We double checked 
> the configuration and tried removing the switch, manually stetting the 
> VLANs for those ports to the in band VLAN, then re-adding the switch and 
> converting the users to out of band again through the web interface on 
> the production CAM, but the problem persists. When in the authentication 
> VLAN, the client and the web based login page give an error to the 
> effect that the MAC address of the device cannot be found. Has anyone 
> run across this?
>