Cisco Support Community
cancel
Showing results for 
Search instead for 
Did you mean: 
New Member

User Account Question

I have an ASA 5520, and we are undergoing an audit.  Is there a way to view a list of users/accounts?  I am tasked with reporting all users who's credentials will login to the ASA.  All such users are in Active Directory, but I was advised that the "anyconnect group" is a catch-all group that will not be accurrate. 

1 ACCEPTED SOLUTION

Accepted Solutions
Silver

User Account Question

Hi Burgessf,

To view all user accounts locally created on ASA , go to ASDM--->Device Management--->Configuration-->Users/AAA-----> User Accounts.

Also if Active Directory is integrated for user authentication, then see which OU is specified under base DN attributes. ASA can query only that OU for user authentication.

Device Management-->Configuration----->AAA server Group--->Servers in the selected Group--->Select AD server------>Edit----> Base DN----->OU= what ever OU specified there.

All users specified in that OU can login to the device but they may have different level of authorization.

2 REPLIES
Silver

User Account Question

Hi Burgessf,

To view all user accounts locally created on ASA , go to ASDM--->Device Management--->Configuration-->Users/AAA-----> User Accounts.

Also if Active Directory is integrated for user authentication, then see which OU is specified under base DN attributes. ASA can query only that OU for user authentication.

Device Management-->Configuration----->AAA server Group--->Servers in the selected Group--->Select AD server------>Edit----> Base DN----->OU= what ever OU specified there.

All users specified in that OU can login to the device but they may have different level of authorization.

New Member

User Account Question

Poonam,

Thank you, your advice helped me greatly.

147
Views
0
Helpful
2
Replies
CreatePlease to create content