
Issue with ACS on AD user Authorization on Cisco Nexus Devices

Hi,

I'm working on ACS 5.8 which is integrated with MS Active Directory.

ACS Internal users can authenticate and get the authorization I have configured for them.

But I have some issues on AD users.

- All AD users can authenticate, and I would like to be able to restrict authentication to only the AD groups I have selected.

- I have configured an authorization rule for the AD users who belong to the selected AD group, but when they log on to a Cisco Nexus device they always get the operator role. I need to apply admin role to some of them and priv-0 role.

Thanks for helping!

1 Reply

kthiruve
Cisco Employee

Hi,

 

You have done the right thing by verifying the users' AD group in the authorization policy.

The shell profile in the policy provides access to certain roles. Please make sure you have configured this correctly. Make sure the default policy is deny access.

 

https://www.cisco.com/c/en/us/support/docs/security/secure-access-control-system/115925-nexus-integration-acs-00.html

 

Thanks

Krishnan

 
