Cisco Support Community
Showing results for 
Search instead for 
Did you mean: 

Welcome to Cisco Support Community. We would love to have your feedback.

For an introduction to the new site, click here. If you'd prefer to explore, try our test area to get started. And see here for current known issues.

New Member

ACS secure mapping user against NT domain Group

It seem that the external group mapping (NT Domain Group to a ACS group) work only with the immediate NT group where the users are defined. So if a group A(let say user toto is defined directly in NT domain group A) is then defined in another more general group (let say group A defined in group B), does the ACS radius server will be able to map the user toto against the general group B ? From my test - external mapping will only work against the immediate group, group A in my example.


Re: ACS secure mapping user against NT domain Group

The Database Group Mapping feature in the External User Databases section enables you to associate unknown users with a CiscoSecure ACS group for assigning authorization profiles. For external user databases from which CiscoSecure ACS can derive group information, you can associate the group memberships defined for the users in the external user database to specific CiscoSecure ACS groups