Buy or Renew
Buy or Renew
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Search instead for 
Did you mean: 
cancel
Start a conversation
317
Views
0
Helpful
1
Replies

ASA: Active Directory Group Membership should determine if OTP is used or not

Patrick Werner
Level 1
Level 1

‎03-05-2014 06:03 AM - edited ‎03-10-2019 09:29 PM

Hi Community.

Sorry, the subject sounds strange, but its hard to tell in few words.

Our customer connects with Anyconnec VPN and needs a special login behavior.

If our customer has User "xxx" and "yyy" in Active Directrtoy Group "OTP/LDAP Access" the ASA should ask the user "xxx" and "yyy" for LDAP credentials and OTP Password.

If our customer has User "zzz" in Active Directrtoy Group "LDAP Access" the ASA should ask the user "zzz" just for LDAP credentials.

My idea was to do two tunnel-groups one ask's for LDAP and OTP the another ask just for LDAP. But in that case the user gets a dropdown menu, where he has to choose the tunnel-group. But our customer dont want that drop down menu. The ASA should determine if he needs LDAP Credentals and OTP or just LDAP to connect.

Is that somehow possible ?

Best regards patrick

1 person had this problem
Labels:
0 Helpful
1 Reply 1

Peter Koltl
Level 7
Level 7

‎05-30-2014 12:06 PM

you mean to assign a tunnel-group based on AD group membership?

0 Helpful
Customers Also Viewed These Support Documents