topic ISE Authentcation via Active Directory based on SSID and AD Grou in Network Access Control https://community.cisco.com/t5/network-access-control/ise-authentcation-via-active-directory-based-on-ssid-and-ad/m-p/2145530#M127931 <HTML><HEAD></HEAD><BODY><P>Found the solution on Cisco's URL</P><P></P><P><A class="jive-link-external-small" href="http://www.cisco.com/image/gif/paws/115734/ise-policies-ssid-00.pdf">http://www.cisco.com/image/gif/paws/115734/ise-policies-ssid-00.pdf</A></P><P></P><P>Thanks,</P></BODY></HTML> Tue, 16 Apr 2013 12:22:18 GMT Usama Waheed Khan 2013-04-16T12:22:18Z ISE Authentcation via Active Directory based on SSID and AD Group https://community.cisco.com/t5/network-access-control/ise-authentcation-via-active-directory-based-on-ssid-and-ad/m-p/2145529#M127903 <P>Hi,</P><P></P><P>I am deploying ISE with WLC 7.4. I have two SSID(s) running in my network 1. Corporate &amp; 2. Services. I have a domain setup lets say "AD.com" with 4 groups 1. Corporate, 2. Services, 3. Employees, 4. Contractors.</P><P>Here is an example of the scenario that I want:</P><P></P><P>AD.com Group : Corporate's User : 1. C_USER1</P><P>&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp; 2. C_USER2</P><P>&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp; 3. C_USER3</P><P>&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp; 4. C_USER4</P><P>&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp; 5. C_USER5</P><P></P><P>AD.com Group : Services's User :&nbsp;&nbsp; 1. S_USER1</P><P>&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp; 2. S_USER2</P><P>&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp; 3. S_USER3</P><P>&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp; 4. S_USER4</P><P>&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp; 5. S_USER5</P><P></P><P>Now what I want to do is have 802.1x authentication on my Corporate SSID that will check in AD.com, ONLY AND in ONLY corporate group for authentication. That is only C_USER1 to C_USER5 are allowed to connect to it. Users from any other AD group shouldnt be authenticated on this SSID.</P><P></P><P>The same for the services group &amp; SSID.</P><P></P><P>Thanks.</P><P>Usama</P> Mon, 11 Mar 2019 03:18:57 GMT https://community.cisco.com/t5/network-access-control/ise-authentcation-via-active-directory-based-on-ssid-and-ad/m-p/2145529#M127903 Usama Waheed Khan 2019-03-11T03:18:57Z ISE Authentcation via Active Directory based on SSID and AD Grou https://community.cisco.com/t5/network-access-control/ise-authentcation-via-active-directory-based-on-ssid-and-ad/m-p/2145530#M127931 <HTML><HEAD></HEAD><BODY><P>Found the solution on Cisco's URL</P><P></P><P><A class="jive-link-external-small" href="http://www.cisco.com/image/gif/paws/115734/ise-policies-ssid-00.pdf">http://www.cisco.com/image/gif/paws/115734/ise-policies-ssid-00.pdf</A></P><P></P><P>Thanks,</P></BODY></HTML> Tue, 16 Apr 2013 12:22:18 GMT https://community.cisco.com/t5/network-access-control/ise-authentcation-via-active-directory-based-on-ssid-and-ad/m-p/2145530#M127931 Usama Waheed Khan 2013-04-16T12:22:18Z ISE Authentcation via Active Directory based on SSID and AD Grou https://community.cisco.com/t5/network-access-control/ise-authentcation-via-active-directory-based-on-ssid-and-ad/m-p/2145531#M127954 <HTML><HEAD></HEAD><BODY><P><STRONG>Kindly&nbsp;&nbsp; review:</STRONG></P><P></P><P> <A href="https://www.cisco.com/en/US/docs/solutions/Enterprise/Security/TrustSec_2.0/trustsec_2.0_dig.pdf">https://www.cisco.com/en/US/docs/solutions/Enterprise/Security/TrustSec_2.0/trustsec_2.0_dig.pdf </A></P></BODY></HTML> Thu, 16 May 2013 14:04:40 GMT https://community.cisco.com/t5/network-access-control/ise-authentcation-via-active-directory-based-on-ssid-and-ad/m-p/2145531#M127954 manjeets 2013-05-16T14:04:40Z