You can able to configure authorization in your ASA device before accessing AD. The below URL presents example procedures for configuring authentication and authorization on the security appliance using the Microsoft Active Directory server. It includes the following use cases:
â¢User-Based Attributes Policy Enforcement
â¢Placing LDAP users in a specific Group-Policy
â¢Enforcing Static IP Address Assignment for AnyConnect Tunnels
â¢Enforcing Dial-in Allow or Deny Access
â¢Enforcing Logon Hours and Time-of-Day Rules
http://www.cisco.com/en/US/docs/security/asa/asa81/config/guide/extsvr.html#wp1572118