Cisco Support Community
cancel
Showing results for 
Search instead for 
Did you mean: 
Community Member

ACS 5.1 TACACS+ and an AD group

I have joined our ACS5.1 to AD.  I can map a group in the AD section and see that it mapped correctly.

How do I set TACACS+ to authenticate against that group?  I am not able to see that group appear anywhere in group choices.  I am also unable to see the users within that group anywhere.

Thanks.

1 ACCEPTED SOLUTION

Accepted Solutions
Cisco Employee

Re: ACS 5.1 TACACS and an AD group

Hi burnsidestev,  That is all done from your Access Policies. Goto the Authorization tab of your TACACS  policy (usually Default Device Admin). Then hit the Customize button on that page. It should allow you to add new columns to the Conditions list, one of which should be "AD1: External Groups". Once that is added to the page you should be able to edit any rules and select any of the AD groups you selected under the original AD configuration.  Thanks,  Nate

Posted from my mobile device.

2 REPLIES
Cisco Employee

Re: ACS 5.1 TACACS and an AD group

Hi burnsidestev,  That is all done from your Access Policies. Goto the Authorization tab of your TACACS  policy (usually Default Device Admin). Then hit the Customize button on that page. It should allow you to add new columns to the Conditions list, one of which should be "AD1: External Groups". Once that is added to the page you should be able to edit any rules and select any of the AD groups you selected under the original AD configuration.  Thanks,  Nate

Posted from my mobile device.

Community Member

Re: ACS 5.1 TACACS and an AD group

Thanks so much.  I knew it would be in there somewhere!

284
Views
0
Helpful
2
Replies
CreatePlease to create content