Buy or Renew
Buy or Renew
Duo Security forums now LIVE! Get answers to all your Duo Security questions. Learn more
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Search instead for 
Did you mean: 
cancel
Start a conversation
315
Views
0
Helpful
1
Replies

ACS 5.x how do i limit who can authenticate to devices when using AD

mohdjeddi
Level 1
Level 1

‎12-06-2013 08:14 AM - edited ‎03-10-2019 09:09 PM

Hi everybody,

I am deploying ACS 5.4 and i configured AD as an external database and configured authorization based on the group. but right now anybody can authemticate to the device using their AD creds, they get assigned to the deny all commad set, but i don't want them to be able to access the device, how can i limit that?

Labels:
0 Helpful
1 Reply 1

jrabinow
Level 7
Level 7

‎12-07-2013 12:00 PM

You need to change the result of the default authorization rule at:

Access Policies > Access Services > Default Device Admin > Authorization

Edit default rule. Select "DenyAccess" as the Shell Profile result and save

0 Helpful
Customers Also Viewed These Support Documents