Cisco Support Community
cancel
Showing results for 
Search instead for 
Did you mean: 
Announcements

Welcome to Cisco Support Community. We would love to have your feedback.

For an introduction to the new site, click here. And see here for current known issues.

New Member

Restrict Authentication to an AD group only

CISCO ACS 5.3

Using external data identity store: AD

Hi all,

Is there a way to lock down the authentication to one AD group only ?

In access policies authorization can be restricted to a group only but I cannot find a way to do it with authentication. For example,anyone in AD can try to ssh or telnet to a network a have access to non-privilege/level 1 . I want to restrict it to the "CISCO admins" group that I already created

Any help is appreciated

John

1 ACCEPTED SOLUTION

Accepted Solutions
Silver

Restrict Authentication to an AD group only

Hi JOhn,

   Its not possible in Identity,You can only restrict the access in the AUthorization, By choosing the external groups:AD attribute from customize:

Best Regards:

Minakshi (Do rate the helpful posts )

1 REPLY
Silver

Restrict Authentication to an AD group only

Hi JOhn,

   Its not possible in Identity,You can only restrict the access in the AUthorization, By choosing the external groups:AD attribute from customize:

Best Regards:

Minakshi (Do rate the helpful posts )

101
Views
0
Helpful
1
Replies
CreatePlease login to create content