Cisco Support Community
cancel
Showing results for 
Search instead for 
Did you mean: 
Announcements

Welcome to Cisco Support Community. We would love to have your feedback.

For an introduction to the new site, click here. And see here for current known issues.

New Member

ISE, Active directory and OUs

Hello Everyone

 

I have an ISE with an AD integration, i am trying to limit the access to the wireless users, i only added one OU "wireless users", but all the users can access to the wireless network, i just want to allow the access to the users in that OU, and block the access to the other users not included in that OU.

 

Other thing, i am not able to see the attributes from the directory, is this an issue with the AD?.

 

Regards

Israel

3 REPLIES

Refer"Configuring Active

Refer

"Configuring Active Directory User Attributes" and "Configuring Group Policies in Active Directory" from

http://www.cisco.com/c/en/us/td/docs/security/ise/1-2/user_guide/ise_user_guide/ise_man_id_stores.html

New Member

I have been trying to limit

I have been trying to limit the users using the OU, but i still having issues, for example i have the ou wireless, user: test1 and other user in a different OU, both users authenticated in the wireless 802.1.x, and i defined in the authorization compound the distinguishedname the ou wireless.

 

Do you know if there something missing in the ISE?

 

Regards

 

Israel

New Member

Just to add some information,

Just to add some information, I added the AD in the external identity sources, and i can see the OUs in the groups, i choosed the ou wireless.

 

Then i created an authorization compound conditions

Radius Service type: Frame

Radius Nas Port: Wireless -802.1x

and the network access equals domain/users/wireless.

 

I applied this in my authorization policy.

 

But it still does not work.

170
Views
0
Helpful
3
Replies