cancel
Showing results for 
Search instead for 
Did you mean: 
cancel
Announcements
Announcements
Choose one of the topics below to view our ISE Resources to help you on your journey with ISE

This community is for technical, feature, configuration and deployment questions.
For production deployment issues, please contact the TAC! We will not comment or assist with your TAC case in these forums.
Please see How to Ask the Community for Help for other best practices.

381
Views
0
Helpful
1
Replies
Highlighted
Beginner

How to limit max sessions per users and per group in Cisco ACS when using LDAP?

I am using an ACS that uses an external identity store which is an AD server, I have configured to use LDAP.

I want to limit the max sessions per user and per group, but the limit only works on the Identity Groups, and non of my users are in Identity groups.  I thought I had 2 options:

 - Limit in my external identity store (it seems not possible)
 - Associate my LDAP groups to my Identity group

How can I implement the 2nd option??

Thanks for your help!!

(I saw a forum note that ask pretty much the same, but the link does not show how to make this association). 
I have an attach with more info.

Everyone's tags (1)
1 REPLY 1
Highlighted
Cisco Employee

Hi,

Hi,

You can map LDAP or AD groups to Group mapping option for internal group.

Under Access policy > Default Device Administration > Group Mapping.

Still session limitation is on internal users.

Regards

Gagan

PS: rate if it helps!!!!