cancel
Showing results for 
Search instead for 
Did you mean: 
cancel
Announcements

This community is for technical, feature, configuration and deployment questions.
For production deployment issues, please contact the TAC! We will not comment or assist with your TAC case in these forums.
Please see How to Ask the Community for Help for other best practices.

397
Views
0
Helpful
1
Replies
johnramz
Beginner

Restrict Authentication to an AD group only

CISCO ACS 5.3

Using external data identity store: AD

Hi all,

Is there a way to lock down the authentication to one AD group only ?

In access policies authorization can be restricted to a group only but I cannot find a way to do it with authentication. For example,anyone in AD can try to ssh or telnet to a network a have access to non-privilege/level 1 . I want to restrict it to the "CISCO admins" group that I already created

Any help is appreciated

John

1 ACCEPTED SOLUTION

Accepted Solutions
minkumar
Beginner

Hi JOhn,

   Its not possible in Identity,You can only restrict the access in the AUthorization, By choosing the external groups:AD attribute from customize:

Best Regards:

Minakshi (Do rate the helpful posts )

View solution in original post

1 REPLY 1
minkumar
Beginner

Hi JOhn,

   Its not possible in Identity,You can only restrict the access in the AUthorization, By choosing the external groups:AD attribute from customize:

Best Regards:

Minakshi (Do rate the helpful posts )

View solution in original post

Content for Community-Ad