04-05-2010 06:51 AM - edited 03-10-2019 05:02 PM
Hello.
Is there any way (in ACS 5.1) to assign personal access list to each user instead of assigning it to Authorization profile and Authorization profile to user?
Thanks for any help.
04-05-2010 02:51 PM
Please clarify what you refer to as "personal access list". Which RADIUS attributes would be returned to set this personal access list
04-07-2010 03:50 AM
Hello.
In ealrier versions of ACS (for example 3.2) we could assign individual Downloadable ACL to each user.
Can I create the same in 5.1 ?
Best regards,
Pavel
04-07-2010 05:08 AM
This should be possible
You need to do the following:
1) GotoSystem Administration > Configuration > Dictionaries > Identity >Internal Users > Create
Create a user attribute that will store the DACL name of type string. We wil call this attribute DACL
2) When you create a user (Users and Identity Stores > Internal Identity Stores > Users > Create) you will now see the attribute "DACL" that can be created as part of each user record
3) Create an authorization profile: (Policy Elements > Authorization and Permissions > Network Access > Authorization Profiles > Create)
In "Common Tasks" tab, for "Downloadable ACL Name" select "Dynamic" option followed by "Internal Users" and then select the name of attribute you seelcted in step 1)
You can now use this authrization profile as a result in policies. When a user authentications the string from the DACL attribute in the user record will be used as the name of the attribute to download
06-12-2012 10:08 AM
06-12-2012 02:26 PM
Sure I did try it before posting and it did work. There was one issue found when a change to the profile definition did not take effect until after a restart. This was fixed in ACS 5.3
CSCtn67457 dynamic attributes in authorization profiles stop working after change
What release are you on. if you upgrade to ACS 5.3 make sure to install latest patch during upgrade as directed by release notes
Discover and save your favorite ideas. Come back to expert answers, step-by-step guides, recent topics, and more.
New here? Get started with these tips. How to use Community New member guide