topic ACS 5.x how do i limit who can authenticate to devices when using AD in Network Access Control https://community.cisco.com/t5/network-access-control/acs-5-x-how-do-i-limit-who-can-authenticate-to-devices-when/m-p/2365986#M105765 <P>Hi everybody,</P><P></P><P>I am deploying ACS 5.4 and i configured AD as an external database and configured authorization based on the group. but right now anybody can authemticate to the device using their AD creds, they get assigned to the deny all commad set, but i don't want them to be able to access the device, how can i limit that?</P> Mon, 11 Mar 2019 04:09:55 GMT mohdjeddi 2019-03-11T04:09:55Z ACS 5.x how do i limit who can authenticate to devices when using AD https://community.cisco.com/t5/network-access-control/acs-5-x-how-do-i-limit-who-can-authenticate-to-devices-when/m-p/2365986#M105765 <P>Hi everybody,</P><P></P><P>I am deploying ACS 5.4 and i configured AD as an external database and configured authorization based on the group. but right now anybody can authemticate to the device using their AD creds, they get assigned to the deny all commad set, but i don't want them to be able to access the device, how can i limit that?</P> Mon, 11 Mar 2019 04:09:55 GMT https://community.cisco.com/t5/network-access-control/acs-5-x-how-do-i-limit-who-can-authenticate-to-devices-when/m-p/2365986#M105765 mohdjeddi 2019-03-11T04:09:55Z ACS 5.x how do i limit who can authenticate to devices when usin https://community.cisco.com/t5/network-access-control/acs-5-x-how-do-i-limit-who-can-authenticate-to-devices-when/m-p/2365987#M105793 <HTML><HEAD></HEAD><BODY><P>You need to change the result of the default authorization rule at:</P><TABLE border="0" cellspacing="0" id="cuesBreadcrumbTable"><TBODY><TR><TD nowrap="nowrap">Access Policies &gt; </TD><TD nowrap="nowrap" title="Access Services"><A>Access Services</A> &gt; </TD><TD nowrap="nowrap" title="Default Device Admin"><A>Default Device Admin</A> &gt; </TD><TD nowrap="nowrap">Authorization</TD></TR></TBODY></TABLE><P></P><P></P><P>Edit default rule. Select "DenyAccess" as the Shell Profile result and save</P></BODY></HTML> Sat, 07 Dec 2013 20:00:22 GMT https://community.cisco.com/t5/network-access-control/acs-5-x-how-do-i-limit-who-can-authenticate-to-devices-when/m-p/2365987#M105793 jrabinow 2013-12-07T20:00:22Z