ASA DAP LDAP Inheritance ?
- Mark as New
- Bookmark
- Subscribe
- Mute
- Subscribe to RSS Feed
- Permalink
- Report Inappropriate Content
12-04-2009 03:16 PM - edited 03-11-2019 09:45 AM
Is there any way, maybe through LUA script to check for membership in nested groups?
IE a user is directly a memeber of "Location Employees"
"Location Employees" is a memeber of "Company Employees"
Making the rule allow anyone that is a member of "Company Employees" pass?
At the moment I can get around some of this by using LUA to match on groups ENDING in Employees but I have other cases that would work better. The only alternative I see is to create a bunch of new groups and make the users direct memebers.
- Labels:
-
NGFW Firewalls
- Mark as New
- Bookmark
- Subscribe
- Mute
- Subscribe to RSS Feed
- Permalink
- Report Inappropriate Content
12-08-2009 03:41 PM
Hi, there is a feature request for this, currently it is not supported
CSCso24147 VPN RA Active Directory/LDAP Nested-Groups Support
hth
ivan
