https://community.cisco.com/t5/network-access-control/authorization-policy-for-only-domain-computers/m-p/3528245#M508824 <HTML><HEAD></HEAD><BODY><P>Take a look at</P><UL><LI><A _jive_internal="true" href="https://community.cisco.com/docs/DOC-76360">[ISE Lab Guide] ISE Active Directory Integration</A></LI><LI><A _jive_internal="true" href="https://community.cisco.com/docs/DOC-68159">How To: ISE &amp; BYOD: Using Certificates For Differentiated Access</A></LI></UL><P></P><P>Essentially, the authentications will be based on certificate using a certificate authentication profile to specify the certificate field to be used as the identity for authorization, and the authorization will perform AD group lookup.</P></BODY></HTML> Sat, 30 Jun 2018 00:57:22 GMT hslai 2018-06-30T00:57:22Z https://community.cisco.com/t5/network-access-control/authorization-policy-for-only-domain-computers/m-p/3528243#M508822 <HTML><HEAD></HEAD><BODY><P>Hi Cisco</P><P></P><P>I need help to setup Policy for authorization to the network only for domain computers. </P><P>I have connected MS Domain controller to the ISE and using for username and password checking.</P><P>I would setup additional&nbsp; Authorization policy that only computer joined to domain able to pass and join to the corporate network.</P><P>Also I would know how to setup Certificate authorization policy so only computers that have certificate from the Domain controller can pass this step of authorization. </P><P></P><P></P><P>Best regards, </P></BODY></HTML> Thu, 28 Jun 2018 10:37:27 GMT https://community.cisco.com/t5/network-access-control/authorization-policy-for-only-domain-computers/m-p/3528243#M508822 virginpulse 2018-06-28T10:37:27Z https://community.cisco.com/t5/network-access-control/authorization-policy-for-only-domain-computers/m-p/3528244#M508823 <HTML><HEAD></HEAD><BODY><P>Please take a look here <A href="https://community.cisco.com/docs/DOC-78429">Cisco ISE Wired Access Deployment Guide</A></P></BODY></HTML> Thu, 28 Jun 2018 11:28:30 GMT https://community.cisco.com/t5/network-access-control/authorization-policy-for-only-domain-computers/m-p/3528244#M508823 ognyan.totev 2018-06-28T11:28:30Z https://community.cisco.com/t5/network-access-control/authorization-policy-for-only-domain-computers/m-p/3528245#M508824 <HTML><HEAD></HEAD><BODY><P>Take a look at</P><UL><LI><A _jive_internal="true" href="https://community.cisco.com/docs/DOC-76360">[ISE Lab Guide] ISE Active Directory Integration</A></LI><LI><A _jive_internal="true" href="https://community.cisco.com/docs/DOC-68159">How To: ISE &amp; BYOD: Using Certificates For Differentiated Access</A></LI></UL><P></P><P>Essentially, the authentications will be based on certificate using a certificate authentication profile to specify the certificate field to be used as the identity for authorization, and the authorization will perform AD group lookup.</P></BODY></HTML> Sat, 30 Jun 2018 00:57:22 GMT https://community.cisco.com/t5/network-access-control/authorization-policy-for-only-domain-computers/m-p/3528245#M508824 hslai 2018-06-30T00:57:22Z