Here is what I am trying to accomplish using an ASA 5540/Steel-Belted Radius/Active Directory. When a user connects via SSL they are able to select a group from the drop-down list on the login page.
Unfortunately as long as they have a valid active directory account they can log in to any group that is available.
Is it possible to set up Radius/Active Directory to pass a group back to the ASA based on the username? In other words, the ASA is given the group that individual belongs to by the Radius box as opposed to allowing the individual to select which group to login under.
Hope this makes sense. Any help is appreciated. David