topic Re: ACS 5.1 and MS Active Directory in Network Access Control https://community.cisco.com/t5/network-access-control/acs-5-1-and-ms-active-directory/m-p/1517400#M284488 <HTML><HEAD></HEAD><BODY><P><A class="jive-link-external-small" href="http://tools.cisco.com/Support/BugToolKit/search/getBugDetails.do?method=fetchBugDetails&amp;bugId=CSCtb71160">http://tools.cisco.com/Support/BugToolKit/search/getBugDetails.do?method=fetchBugDetails&amp;bugId=CSCtb71160</A></P></BODY></HTML> Thu, 23 Sep 2010 15:27:09 GMT Yudong Wu 2010-09-23T15:27:09Z ACS 5.1 and MS Active Directory https://community.cisco.com/t5/network-access-control/acs-5-1-and-ms-active-directory/m-p/1517399#M284484 <P>I have an installed base of ACS 5.1 and MS AD. Some users are allowed to dial-in via VPN based on the attribute "msNPAllowDialin=True" within AD while others have no permission.</P><P>Whenever ACS send an LDAP-request to AD to retrieve the attributes it gets the value of <STRONG>msNPAllowDialin=false</STRONG> according to the following report. </P><P></P><P>Cisco-AVPairs:</P><P>Other Attributes:</P><P>ACSVersion=acs-5.1.0.44-B.2347 <BR />ConfigVersionId=66 <BR />Device Port=35919 <BR />RadiusPacketType=AccessRequest <BR />Protocol=Radius <BR />IdentityDn=CN=aba,OU=Standard,OU=Users,OU=LLB_LI,OU=Organisation,DC=llb,DC=root,DC=net <BR /><STRONG>msNPAllowDialin=false <BR /></STRONG>Device IP Address=172.27.60.20</P><P></P><P>I would like to use this attribute via authorization-policies to grant or deny access via VPN.</P><P></P><P>I'm running patch-level 5.1.0.44.3.</P><P></P><P>is this a known bug or do I miss something ?</P><P></P><P>Any support is very much appreciated</P><P></P><P>Roman</P> Mon, 11 Mar 2019 00:26:03 GMT https://community.cisco.com/t5/network-access-control/acs-5-1-and-ms-active-directory/m-p/1517399#M284484 bthuer 2019-03-11T00:26:03Z Re: ACS 5.1 and MS Active Directory https://community.cisco.com/t5/network-access-control/acs-5-1-and-ms-active-directory/m-p/1517400#M284488 <HTML><HEAD></HEAD><BODY><P><A class="jive-link-external-small" href="http://tools.cisco.com/Support/BugToolKit/search/getBugDetails.do?method=fetchBugDetails&amp;bugId=CSCtb71160">http://tools.cisco.com/Support/BugToolKit/search/getBugDetails.do?method=fetchBugDetails&amp;bugId=CSCtb71160</A></P></BODY></HTML> Thu, 23 Sep 2010 15:27:09 GMT https://community.cisco.com/t5/network-access-control/acs-5-1-and-ms-active-directory/m-p/1517400#M284488 Yudong Wu 2010-09-23T15:27:09Z