Cisco Support Community
Showing results for 
Search instead for 
Did you mean: 
New Member

Getting scripts

hi all,

i have several vlans which have to access my domain controller and active directory to get authentication and scripts, there is a problem with getting the scripts. how can i define an ACL which would allow them to only get the scripts.


Re: Getting scripts


For this you need to set up machine authentication on the network (Radius).

Q. What is machine authentication and how does Cisco Secure ACS support it today?

A. Machine authentication is used at boot time to authenticate and communicate with Windows domain controllers to pull down machine group policies independently of an interactive user authentication session. Cisco Secure ACS provides a mechanism to allow machine authentication on an 802.1X port before a user session is initiated. This is done by communicating the machine name with or without a valid certificate (depending on the EAP method used) to the Cisco Secure ACS server for machine identity verification. Cisco Secure ACS version 3.2 supports machine authentication using either EAP-TLS or

PEAP-EAP-MSCHAPv2 against Windows Active Directory.

Hope that helps



Please rate helpful posts

New Member

Re: Getting scripts

Why do you need machine authentication??? I think the question simply asks what ACE's do you need to allow client machines in the particular network to execute scripts from the domain controller.

CreatePlease to create content