Cisco Support Community
Showing results for 
Search instead for 
Did you mean: 

Welcome to Cisco Support Community. We would love to have your feedback.

For an introduction to the new site, click here. And see here for current known issues.

New Member

ACS Remote Agent - group membership

The installation and configuration guide for the ACS remote agent says that the remote agent is able to do user group membership verification. I have spent hours trying to find out how to do this.

I have an ACS remote agent running on a domain controller and I only want users to be authenticated if they are members of a group e.g. called VPNUSERS.

If you have any ideas, please respond.

I'm getting a bit desperate.

Best regards

Sigurdur Bjornsson

New Member

Re: ACS Remote Agent - group membership

Hi Sigurdur,

I am experimenting with the ACS 4.0 solution engine myself and am looking to authenticate users based on the windows AD.

Once u have ur VPNUSERS group in ur AD... you can then in ur external user database, goto database mappings and select the VPNUSERS group.. then map it to the group on the ACS.

Now go back to your group setup icon in the ACS interface, u can rename it to reflect VPNUSERS and then configure all ur requisite settings.

hope this helps :)

New Member

Re: ACS Remote Agent - group membership

Well... I'm using Cisco Access Registrar.

I didn't mention it because I didn't think it was relevant.

I got the feeling from the documentation that the group verification was done by the remote agent and not dependant on groups on ACS or AR.

Thanks anyways.

CreatePlease login to create content