Cisco Support Community
cancel
Showing results for 
Search instead for 
Did you mean: 
cancel
Community Member

ACS 5.2 Self authorization

Hi all!

I have problems in configuring Cisco ACS 5.2. I did not find how to configure it for authorization (on itself) by AD credentials. I mean, like an administrator acount, but from AD groups. It was easy to configure connection with AD, selecting identity groups and creating authentication policies for tacacs authorization on network devices. It works fine! But how can i configure it to authenticate by AD user/pass on itself? Can anyone give some suggestions. Thanks!

3 REPLIES

ACS 5.2 Self authorization

The feature you are looking for is not in ACS 5.2.  You will have to upgrade to 5.4 for the ability to make an AD group an ACS Administrator.

Community Member

ACS 5.2 Self authorization

Thanks for the reply! This is sad...

Community Member

ACS 5.2 Self authorization

Machine authentication provides access to network services to only these computers that are listed in Active Directory. This becomes very important for wireless networks because unauthorized users can try to access your wireless access points from outside your office building.

You can configure ACS to retrieve user or machine AD attributes to be used in authorization and group mapping rules. The attributes are mapped to the ACS policy results and determine the authorization level for the user or machine.

ACS retrieves user and machine AD attributes after a successful user or machine authentication and can also retrieve the attributes for authorization and group mapping purposes independent of authentication.

ACS can retrieve user or machine groups from Active Directory after a successful authentication and also retrieve the user or machine group independent of authentication for authorization and group mapping purposes. You can use the AD group data in the authorization and group mapping tables and introduce special conditions to match them against the retrieved groups.

Morover please go through given link for configuration. This link will helpful to you.

http://www.cisco.com/en/US/docs/net_mgmt/cisco_secure_access_control_system/5.2/user/guide/users_id_stores.html#wp1170642

216
Views
0
Helpful
3
Replies
CreatePlease to create content