Our ACS is used for AAA for wireless, IOS CLI access and unix server access. For both net admins and unix admins, there are two levels, so effectively we have 5 individual device groups which a user may be permitted to access.
User groups are defined in Active Directory.
I am looking for a way to combine information from multiple AD security groups to determine what a user can access. For instance, a net admin may or may not be a unix admin as well.
Is there a way of doing this other than having to have a large number of AD groups with one for each combination of authorization privilidges?