Problems with IAS

Unanswered Question
Nov 9th, 2007
User Badges:

I have configured my cisco devices to authenticate administrators againts active directory using IAS. But I would like IAS to publish the appropriate privileges at logon.

"privilege exec level 7 write memory"

I would also like to centralize my access-classes the same way.

  • 1
  • 2
  • 3
  • 4
  • 5
Overall Rating: 0 (0 ratings)
Danilo Dy Fri, 11/09/2007 - 22:05
User Badges:
  • Blue, 1500 points or more


Have you tried this?

- Fire up IAS

- Select "Remote Access Policies"

- Right-click the policy

- Select "Properties"

- "Policy conditions:" should only show "Windows-Group matches "DOMAIN\OU""

- Select "Edit PRofile"

- Select "Advanced"

- Remove "Framed-Protocol" from the "Attributes:"

- Edit "Service-Type" from the "Attributes:" and change the "Attribute Value" to "Login"

- In the "Advanced" tab, select "Add" + "Vendor-Specific" + "Add" + "Add"

Select from list: Cisco

Check "Yes, it conforms"

- Select "Configure Attributes"

Vendor-assigned attribute number: 1

Attribute format: String

Attribute value: 7

- Save (ok, ok, ok......)



teller123 Sat, 11/10/2007 - 22:38
User Badges:

I was able to configure IAS to grant users level 7 access, but i would also like the privileges i have linked to level to be pushed from IAS as well. So when user bob logs in and is a member of a group that has level 7 access he can modify a interface but nothing else.


This Discussion