Not sure if this belongs in AAA or firewalling. I apologize for the mix-up.
Does anyone know if there's a user-friendly (i.e. non-LUA) way of matching a single DAP entry to the following constraint:
- match specific connection profile
- match one of many specific usernames.
I know I can easily create an LDAP group, put the users there and match on the memberOf attribute, but I'm trying define local policies on the ASA for a limited number of users WITHOUT creating external LDAP groups and without having multiple DAP entries (connprofile/user1, connprofile/user2, connprofile/user3, ...)