Buy or Renew
Buy or Renew
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Search instead for 
Did you mean: 
cancel
Start a conversation
819
Views
0
Helpful
3
Replies

Problems with AAA via AD (ACS5.3+Windows 2008 AD)

d_volkovsky
Level 1
Level 1

‎03-11-2013 05:03 AM - edited ‎03-10-2019 08:11 PM

Dear colleagues,

Please help as I could not find a solution.

I have ACS 5.3 installed and connected to Microsoft AD.

I have created new access policy based on "Default Device Admin". Under this rule I have selected AD Identity and create new rule-0 where I selected AD1 as place where client should be authenticated and Shell profile "Prov_15" where by default users shoudl get priviledge access 15 but ACS passed me directly to "Default" where I have "denyaccess" profile.

If I change Authorization from AD to internal DB everything works.

Please give me a clue what I dod wrong.

Thanks.                 

Labels:
Preview file
243 KB
Preview file
192 KB
Preview file
122 KB
Preview file
381 KB
0 Helpful
3 Replies 3

maldehne
Cisco Employee
Cisco Employee

‎03-11-2013 05:38 AM

remove AD1 external groups condition and try

------------------------------------------------------------------

Please make sure to rate correct answers

0 Helpful

d_volkovsky
Level 1
Level 1
In response to maldehne

‎03-11-2013 11:58 PM

Hi,

I have sorted out this topic.

Issue was with misprinting into AD groups.

0 Helpful

maldehne
Cisco Employee
Cisco Employee
In response to d_volkovsky

‎03-12-2013 01:02 AM

good to know that

0 Helpful
Customers Also Viewed These Support Documents