topic Downloadable ACL for users only? in Network Access Control https://community.cisco.com/t5/network-access-control/downloadable-acl-for-users-only/m-p/2379594#M89205 <HTML><HEAD></HEAD><BODY><P>Hi,</P><P></P><P>You can do this by following these steps:</P><P></P><P>1. Set a user defined dictionary attribute under System Administration &gt; Dictionary &gt; Identity &gt;Internal Users name it what you want and make sure the value is string</P><P>2. Create the DACL in Named Permission Objects under the policy elements section</P><P>3. Under the user account you will now see a filed for the dictionary name you called in step 1, make sure the filed matches the dacl you created in step 2</P><P>4. Create your authorization profile under "common tasks" Set Dynamic as the DACL drop down select Internal Users and set the value to the attribute you created in step1.</P><P>5 map the authorization policy to the access policy using the conditions that will give you these results.</P><P>6. test and you should have what you are looking for.</P><P></P><P>Thanks,</P><P>Tarik Admani <BR />*Please rate helpful posts*</P></BODY></HTML> Fri, 20 Dec 2013 02:43:11 GMT Tarik Admani 2013-12-20T02:43:11Z Downloadable ACL for users only? https://community.cisco.com/t5/network-access-control/downloadable-acl-for-users-only/m-p/2379593#M89204 <P>Hello all,</P><P></P><P>in ACS 5.4 I need customized ACL for users only. </P><P>My scenario:</P><P>There is a way to use some "Downloadable ACLs" in authorization profile but I want to define specific ACLs for some exeptions. For example: User A and user B get autorization profile "X". But user B is not allowed to access on a host. This "Deny rule" I will configure with custom attributes in the internal user store.</P><P></P><P>Is that possible? How can I implement this rule?</P><P></P><P>best regards,</P><P></P><P> Stefan</P> Mon, 11 Mar 2019 04:12:03 GMT https://community.cisco.com/t5/network-access-control/downloadable-acl-for-users-only/m-p/2379593#M89204 vita_user 2019-03-11T04:12:03Z Downloadable ACL for users only? https://community.cisco.com/t5/network-access-control/downloadable-acl-for-users-only/m-p/2379594#M89205 <HTML><HEAD></HEAD><BODY><P>Hi,</P><P></P><P>You can do this by following these steps:</P><P></P><P>1. Set a user defined dictionary attribute under System Administration &gt; Dictionary &gt; Identity &gt;Internal Users name it what you want and make sure the value is string</P><P>2. Create the DACL in Named Permission Objects under the policy elements section</P><P>3. Under the user account you will now see a filed for the dictionary name you called in step 1, make sure the filed matches the dacl you created in step 2</P><P>4. Create your authorization profile under "common tasks" Set Dynamic as the DACL drop down select Internal Users and set the value to the attribute you created in step1.</P><P>5 map the authorization policy to the access policy using the conditions that will give you these results.</P><P>6. test and you should have what you are looking for.</P><P></P><P>Thanks,</P><P>Tarik Admani <BR />*Please rate helpful posts*</P></BODY></HTML> Fri, 20 Dec 2013 02:43:11 GMT https://community.cisco.com/t5/network-access-control/downloadable-acl-for-users-only/m-p/2379594#M89205 Tarik Admani 2013-12-20T02:43:11Z