Buy or Renew
Buy or Renew
Duo Security forums now LIVE! Get answers to all your Duo Security questions. Learn more
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Search instead for 
Did you mean: 
cancel
Start a conversation
493
Views
0
Helpful
2
Replies

ACS 5.0, Identity Groups within Access Services Authorization

stephan.ochs
Level 1
Level 1

‎10-23-2009 05:37 AM - edited ‎03-10-2019 04:45 PM

At the moment I'm evaluating ACS 5.0.0.21 (Eval-Version).

I defined a Service Selection that leads to an Access Service named "DeviceAdmin".

Within this I defined Authorization Rules (Standard Policy) with Conditions an Identity Group and/or UserName.

The problem ist that they never match.

Even if I define an (existing) Identity Group (also All Users) or an (existing) Username, the Authorization Policy always hits to default rule.

Any hint, what's wrong? A known bug?

Labels:
0 Helpful
2 Replies 2

jrabinow
Level 7
Level 7

‎10-26-2009 04:06 PM

Can you clarify which identity store you are authenticating against in the identity policy?

Also a good place to look for troubleshooting is at:

Monitoring & Reports: ... > Reports > Catalog > AAA Protocol > RADIUS_Authentication

Get to see a list of all recent attempts and any failure reasons. Can select the magnifying glass icon to drill down on the details of the request processing

0 Helpful

stephan.ochs
Level 1
Level 1
In response to jrabinow

‎10-27-2009 12:07 AM

Thanks for your reply.

Yesterday I purged all identity groups, applied them again and it worked.

0 Helpful
Customers Also Viewed These Support Documents