04-06-2010 09:45 AM - edited 03-10-2019 05:03 PM
Hi All,
I have two active directory security groups lets say Group1users and second Group2users. All the users belongs to these groups. Both of these groups are a member of another security group GroupUsers. If i map the acs group to GroupUsers, the users authentication puts the users into the default group. but if i use Group1users or Group2users into the mapping, they are placed into the right group. Is the hierarchical group supported into the acs? Any solution for this if its not supported.
Many Thanks
04-06-2010 10:27 AM
I am assuming you have ACS 4.x?
The group mappings are applied top to bottom as you look at the group mapping list. With this in mind, create mappings such that groupusers goes to one ACS group, groupusers1 to another, etc.
Keep in mind that you can only map a given AD group to a single ACS group, but multiple AD groups can point to a single ACS group.
04-07-2010 01:52 AM
Thanks Javier for reply. I have cisco ACS 3.3 and i understand group mapping but it seems acs server not supporting active directory nested groups.
Active directory structure
Group1: user1, user2
Group2: user3, user4
Group3: Group1, Group2
ACS server Groupe mapping and order
ACSGroup1: Active directory Group3
ACSGroup2: Active directory Group1
ACSGroup3: Active directory Group2
Users are not mapping to ACSGroup1 as its nested. The users maps properly to ACSGroup1 and ACSGroup2.
How i setup acs/active directory to understadn nested groups?
04-12-2010 03:55 AM
I have cisco ACS 3.3 which doesn't support hierarical group mapping in active directory.
thanks for your help
Discover and save your favorite ideas. Come back to expert answers, step-by-step guides, recent topics, and more.
New here? Get started with these tips. How to use Community New member guide