Cisco Support Community
Showing results for 
Search instead for 
Did you mean: 

Welcome to Cisco Support Community. We would love to have your feedback.

For an introduction to the new site, click here. If you'd prefer to explore, try our test area to get started. And see here for current known issues.

New Member

802.1x and ACS 5.1

We have been asked to extend an exiting wireless network utilising an ACS 1200 appliance for PEAP MSCHAPv2.  The ACS is currently configured to check a single security group for membership and then grant/deny access.

The customer has supplied 26 OUs across their AD that they would like all members of to be granted access.  Is there an easy, or relatively easy, way to configure this?

Hall of Fame Super Silver

802.1x and ACS 5.1

An easy way would be to create a Wireless Group and add all the OU's to that group, then you only have to lookup one group.



Help out other by using the rating system and marking answered questions as "Answered"

*** Please rate helpful posts ***
New Member

802.1x and ACS 5.1


Thanks for the reply.

I thought of using shadow groups with a PowerShell script to update the shadow groups but as my customer is a large multi-national running this type of script would not be acceptable.  Is this what you were thinking or is there a better way to add the OUs a a Wireless group?

Hall of Fame Super Silver

Re: 802.1x and ACS 5.1

I believe that is the only way.

Sent from Cisco Technical Support iPhone App

*** Please rate helpful posts ***