Cisco Support Community
Showing results for 
Search instead for 
Did you mean: 

User in a windows group - mapping to acs group appears not be working

I have a user in a windows group, this windows group is mapped to an ACS group but when the user logs in it appears as default group in ACS.

Any suggestion?

New Member

Re: User in a windows group - mapping to acs group appears not b

Hello, I recently implemented this very thing, actually integrated it with Authentication Proxy. Here are some settings to check:

1. External User Databases - Database Configuration - Windows Database - Configure

Make sure your domain is listed on moved to the Domain List section

2. External User Databases - Database Group Mappings - Windows Database - - Add Manual Mapping

Make sure you have the right AD group mapped to the internal ACS group, you can even set users* if you want to include all users.

3. External User Databses - Unknown User Policy

Check the "Check the following external user databases" radio dial and move Windows Database to Selected Databases

Check “The database in which the user profile is held” radio dial in the Configure Enable Password Behaviour section

Hope that helps!

CreatePlease to create content