08-18-2010 07:23 PM - edited 03-10-2019 05:20 PM
I am trying to setup group mapping on ACS 4.2/Windows for group mapping as shown below.
ACS--->Ext db--->Group mapping--->windows--->choose domain---> add mapping----> choose NT group and pick one acs group-->submit.
Wireless LAN users --> members of "WLAN group" in Active Driectory --> Mapped to "Group 05" in ACS
Network Administrators --> memmbers of "Network" group in Active Driectory --> Mapped to "Group 10" in ACS
Remote Access VPN users--> No mapping defined.
Now how should I proceed further? I want only the members of Network Admin to manage the network devices and similarly only the members of WLAN can use wireless LAN. Where can I specify this restriction?
08-19-2010 12:48 PM
You would use Network Access Profiles for this, with the caveat that NAP's are only supported for RADIUS authentications.
08-19-2010 06:07 PM
I am using TACACS with routers and Radius with WLAN. So this will not serve my purpose.
08-25-2010 10:50 PM
This can be achieved with NAR. However I was facing some issues as I was using active directory on Widows 2008 R2 which has some compatability issues and this is fixed by applying patch on ACS.
Discover and save your favorite ideas. Come back to expert answers, step-by-step guides, recent topics, and more.
New here? Get started with these tips. How to use Community New member guide