01-08-2014 04:09 AM - edited 03-10-2019 09:15 PM
As part of my ISE deployment I have configured the last rule in the Autentication Rules to continue if a user is found in Identity Store Sequence BYOD-USERS.
This Identity store specifies that Active Directory and Guest users should be searched, when a user logins into the Guest Sponsor Portal.
However at the moment Guest users are working fine and are permitted onto the Guest network once they have authenticated, as part of a corresponding Authroization profile however with Active Directory I only want a small subsection of users who can continue once entering in their details. If the user isn't in that particular AD security group they can't progress further from the guest portal.
So my question is, is the identity store sequence where I have requested that active directory be searched that I can filter which user group can potentially login. I understand that under the Active Directory Identity store I can specifiy groups which I have done, but my question is can I restrict which groups are search in the identity store sequence for active directory.
Thank you for your help in advance guys.
01-21-2014 08:30 AM
Tony,
They way to accomplish this (I think) would be to create another Identity Source. Go to Administration > Identity Management > External Identity Sources. From there, click LDAP from the menu on the left.
Click the +Add button to add an identity source. Bind this connection to the AD server you are currently using. Choose the groups you want to be in the Authorization Profile and then, Choose the Attributes for the Identity Source:
From here, you MUST use the full LDAP object name for the group to get the list of attributes:
Click Submit, then OK (the dialog might just contain the number 1). Use this new Identity Source in your Identity Source Sequence.
Please Rate Helpful posts and mark this question as answered if, in fact, this does answer your question. Otherwise, feel free to post follow-up questions.
Charles Moreton
Discover and save your favorite ideas. Come back to expert answers, step-by-step guides, recent topics, and more.
New here? Get started with these tips. How to use Community New member guide