Buy or Renew
Buy or Renew
Duo Security forums now LIVE! Get answers to all your Duo Security questions. Learn more
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Search instead for 
Did you mean: 
cancel
Start a conversation
1499
Views
0
Helpful
3
Replies

Group NT authenticated users

wei.hu
Level 1
Level 1

‎02-10-2003 07:10 PM - edited ‎02-21-2020 10:05 AM

Hi,

When the vpn users are authenticated with NT accounts, they will be put into the default group by default.

Is there a way to change the default behavior?

Thanks,

Wei

Labels:
0 Helpful
3 Replies 3

gfullage
Cisco Employee
Cisco Employee

‎02-10-2003 08:01 PM

Are you talkng about the VPN3000 default group, or the ACS server default group?

If the VPN3000, they'll be put into whatever group they have configured in the VPN client.

If the ACS, the you can set up Database Group mappings under the External User Database section and map users into a specific ACS group dependent on what Windows NT groups they're members of.

0 Helpful

wei.hu
Level 1
Level 1
In response to gfullage

‎02-11-2003 02:36 PM

It is about VPN3000 default group. The VPN Client is Microsoft VPN client.

The Client is also authenticated with certificate. I can see during the group authenticate (using "ou"), the client is put into correct group. But for the user authentication, it changes to use the default group again.

Regards,

Wei

0 Helpful

Blixten
Level 1
Level 1
In response to wei.hu

‎03-21-2003 07:21 AM

Hi!

From what I know the Windows VPN client does not support Cisco groups which is why all users connecting thru it will end up in the VPN3000 Base Group.

Regards

0 Helpful
Getting Started

Find answers to your questions by entering keywords or phrases in the Search bar above. New here? Use these resources to familiarize yourself with the community:

Customers Also Viewed These Support Documents