Cisco Support Community
cancel
Showing results for 
Search instead for 
Did you mean: 
Announcements

Welcome to Cisco Support Community. We would love to have your feedback.

For an introduction to the new site, click here. And see here for current known issues.

New Member

Problems with IAS

I have configured my cisco devices to authenticate administrators againts active directory using IAS. But I would like IAS to publish the appropriate privileges at logon.

"privilege exec level 7 write memory"

I would also like to centralize my access-classes the same way.

2 REPLIES

Re: Problems with IAS

Hi,

Have you tried this?

- Fire up IAS

- Select "Remote Access Policies"

- Right-click the policy

- Select "Properties"

- "Policy conditions:" should only show "Windows-Group matches "DOMAIN\OU""

- Select "Edit PRofile"

- Select "Advanced"

- Remove "Framed-Protocol" from the "Attributes:"

- Edit "Service-Type" from the "Attributes:" and change the "Attribute Value" to "Login"

- In the "Advanced" tab, select "Add" + "Vendor-Specific" + "Add" + "Add"

Select from list: Cisco

Check "Yes, it conforms"

- Select "Configure Attributes"

Vendor-assigned attribute number: 1

Attribute format: String

Attribute value: 7

- Save (ok, ok, ok......)

Regards,

Dandy

New Member

Re: Problems with IAS

I was able to configure IAS to grant users level 7 access, but i would also like the privileges i have linked to level to be pushed from IAS as well. So when user bob logs in and is a member of a group that has level 7 access he can modify a interface but nothing else.

275
Views
0
Helpful
2
Replies