Buy or Renew
Buy or Renew
Duo Security forums now LIVE! Get answers to all your Duo Security questions. Learn more
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Search instead for 
Did you mean: 
cancel
Start a conversation
583
Views
0
Helpful
3
Replies

ACS 4.2 Group Mapping & Restriction

avilt
Level 3
Level 3

‎08-18-2010 07:23 PM - edited ‎03-10-2019 05:20 PM

I am trying to setup group mapping on ACS 4.2/Windows for group mapping as shown below.

ACS--->Ext db--->Group mapping--->windows--->choose domain---> add mapping----> choose NT group and pick one acs group-->submit.

Wireless LAN users --> members of "WLAN group" in Active Driectory --> Mapped to "Group 05" in ACS
Network Administrators --> memmbers of "Network" group in Active Driectory --> Mapped to "Group 10" in ACS
Remote Access VPN users--> No mapping defined.

Now how should I proceed further? I want only the members of Network Admin to manage the network devices and similarly only the members of WLAN can use wireless LAN. Where can I specify this restriction?

Labels:
0 Helpful
3 Replies 3

Javier Henderson
Level 4
Level 4

‎08-19-2010 12:48 PM

You would use Network Access Profiles for this, with the caveat that NAP's are only supported for RADIUS authentications.

0 Helpful

avilt
Level 3
Level 3
In response to Javier Henderson

‎08-19-2010 06:07 PM

I am using TACACS with routers and Radius with WLAN. So this will not serve my purpose.

0 Helpful

avilt
Level 3
Level 3
In response to avilt

‎08-25-2010 10:50 PM

This can be achieved with NAR. However I was facing some issues as I was using active directory on Widows 2008 R2 which has some compatability issues and this is fixed by applying patch on ACS.

0 Helpful
Customers Also Viewed These Support Documents