cancel
Showing results for 
Search instead for 
Did you mean: 
cancel
678
Views
0
Helpful
1
Replies

ACS 3.3 Unkown User Policy

wilson_1234_2
Level 3
Level 3

We have ACS providing TACACS authentication to our network devices.

ACS is configured to check Active Directory if the user is not in the Local ACS database.

If the user is not already configured in the Username list, ACS creates a dynamic account for the user if he is in Active Directory.

The dynamic account has level 15 priviledges.

I am trying to find where I change the Dynamic Mapping settings for the users that get created this way.

The Default Group settings are different that the dynamically mapped user settings.

How can I change the Level for these dynamic accounts that get created, or stop it?

If I change the External Database to not include Active Directory, will it prevent the existing users configured to use AD as their external database from loggin in?

1 Reply 1
Getting Started

Find answers to your questions by entering keywords or phrases in the Search bar above. New here? Use these resources to familiarize yourself with the community:

Innovations in Cisco Full Stack Observability - A new webinar from Cisco