I would like to limit access only to the VLAN port assignment. So I've checked the "VLAN Port Assignment" boxe in the User profile created on my ACS.
The problem is that there is no devices listed under Configuration/VLAN Port Assignment/Device Selector window/All Devices.
When I put the user on the Network Admin group, I can list devices.
Also, I found a security problem. When I limit the access to a NDG, devices under the "All Devices" respect that limitation. But when you go under Campus-Switch Clouds-Switchcloud-1, all devices are listed and I can change the vlan of any interfaces.
Is that normal ?
I'm using LMS 3.1 and ACS 4.1
When a user connects to LMS, the ACS log file show the IP source as the IP of the Ciscoworks server. Is there a way to obtain the user workstation IP to restrict access only from his IPs.