Do you have good link with general procedures and best practices for setting up VPN user authorization to a standard Windows domain/AD.
VPN3020 -> radius -> ACS (with default policy to Windows NT) does work, but wanted more granular control which user have VPN access.
With this model everyone who has Windows account would automatically get VPN access.
Also if there are any good reading on setting up "single logon" Cisco VPN client and windows domain.