[c-nsp] Question to ACS

Fred Reimer freimer at ctiusa.com
Thu Dec 6 13:10:01 EST 2007


You would setup a new group in your AD domain, and then map it to a new
group on the ACS.  Then, set the default group to the "default" ACS group,
and disable this group.  You can create multiple NT group mappings and use
per group settings to allow them access to certain resources, via
downloadable ACL's for example.

HTH,

Fred Reimer, CISSP, CCNP, CQS-VPN, CQS-ISS
Senior Network Engineer
Coleman Technologies, Inc.
954-298-1697
 


-----Original Message-----
From: cisco-nsp-bounces at puck.nether.net
[mailto:cisco-nsp-bounces at puck.nether.net] On Behalf Of Ahmad Cheikh-Moussa
Sent: Thursday, December 06, 2007 11:45 AM
To: cisco-nsp at puck.nether.net
Subject: [c-nsp] Question to ACS

Hi!

I don't know, whether this is the right list or not.
I have an ACS Appliance which is connected to an Active directory
Server. The configuration for that connection is done in the external
database configuration. All user within the domain can be authenticated.
Now I do not want that every active directory user can log to
the network. I want to add a group into the active directory and
only this user, who are a member of this group should be allowed
to log in. I think this would be done in the external database
configuration of the ACS. 

Does anyone knows, how to configure this ?
Can I configure the name of such a group in the GroupAttributeName ?

Regards,
 Ahmad




-- 
Ahmad Cheikh-Moussa 
NetUSE AG
Dr.-Hell-Straße, 24107 Kiel, Germany
Telefon: +49 431 2390 400 --  Telefax: +49 431 2390 499
Service: Service at NetUSE.DE --  http://NetUSE.DE/

Vorstand: Andreas Seeger (Vorsitz), Dr. Roland Kaltefleiter, Dr. Joerg
Posewang
Aufsichtsrat: Detlev Huebner (Vorsitz)
Sitz der AG: Kiel, HRB 5358 USt.ID: DE156073942

Diese E-Mail enthaelt vertrauliche oder rechtlich geschuetzte Informationen.
Das unbefugte Kopieren dieser E-Mail oder die unbefugte Weitergabe der
enthaltenen Informationen ist nicht gestattet.

The information contained in this message is confidential or protected by
law. Any unauthorised copying of this message or unauthorised distribution
of the information contained herein is prohibited.

_______________________________________________
cisco-nsp mailing list  cisco-nsp at puck.nether.net
https://puck.nether.net/mailman/listinfo/cisco-nsp
archive at http://puck.nether.net/pipermail/cisco-nsp/
-------------- next part --------------
A non-text attachment was scrubbed...
Name: smime.p7s
Type: application/x-pkcs7-signature
Size: 3080 bytes
Desc: not available
Url : https://puck.nether.net/pipermail/cisco-nsp/attachments/20071206/16971441/attachment.bin 


More information about the cisco-nsp mailing list