i'm trying to implement login of type user@group and not selecting from the drop down list the group when a user needs to login.I have enable the "@" as a delimiter character and trying to login via ldap authentication .
It can be done, I have done it last year using MS W2k3 AD and IAS. I have to do a lot of trial and error :) as I can't find the perfect documentation for it.
- Create multiple groups in AD, assign the user to their group.
- Create remote access policy in IAS for each group.
- Create one IP Pool in ASA
- Create Group Policy and Tunnel Group in ASA for each user group.
- The trick is in Tunnel Group.
NOTE: Be consistent with the group naming convention between AD, IAS, and ASA
The user is able to successfully login using the policy sets for its group in ASA without seeing the group drop-down list. Doing this, all groups will share the same IP Pool. You can still restrict the user to which IP Addresses and Ports to access by their group using Group Policy ACL. However. If you want to use different IP Pool per group, then they have to see the group drop-down list and select their assigned group.
The IAS configuration in the following link will help you give an idea, don't follow it as I said I can't find the perfect documentation (I did the perfect documentation for myself by trial and error);
Login to the FXOS chassis manager.
Direct your browser to https://hostname/, and log-in using the user-name and password.
Go to Help > About and check the current version:
Check the current version availa...
We have configured the outside and inside Interface with official ipv6 adresses, set a default route on outside Interface to our router, we also have definied a rule , which also gets hits, to permit tcp from inside Interface to any6.
In Syslog I also se...