cancel
Showing results for 
Search instead for 
Did you mean: 
cancel
569
Views
0
Helpful
3
Replies

ACS 4.2 Group Mapping & Restriction

avilt
Level 3
Level 3

I am trying to setup group mapping on ACS 4.2/Windows for group mapping as shown below.

ACS--->Ext db--->Group mapping--->windows--->choose domain---> add mapping----> choose NT group and pick one acs group-->submit.

Wireless LAN users --> members of "WLAN group" in Active Driectory --> Mapped to "Group 05" in ACS
Network Administrators --> memmbers of "Network" group in Active Driectory --> Mapped to "Group 10" in ACS
Remote Access VPN users--> No mapping defined.

Now how should I proceed further? I want only the members of Network Admin to manage the network devices and similarly only the members of WLAN can use wireless LAN. Where can I specify this restriction?

3 Replies 3

You would use Network Access Profiles for this, with the caveat that NAP's are only supported for RADIUS authentications.

I am using TACACS with routers and Radius with WLAN. So this will not serve my purpose.

This can be achieved with NAR. However I was facing some issues as I was using active directory on Widows 2008 R2 which has some compatability issues and this is fixed by applying patch on ACS.

Getting Started

Find answers to your questions by entering keywords or phrases in the Search bar above. New here? Use these resources to familiarize yourself with the community: