I configured the Cisco Prime Security Manager (PRSM), and i have already tried the Web Filter, Application Control, IPS and Malware with IP addresses. Now I'm trying to add policies with CX Identity Objects, I have configured and tested the Directory Realm, it's working because I got self completed the fields when create CX Identity Objects. Also i have configured an Identity Policy in passive mode (if I skip these step the validation of the user doesn't work).
When I create the CX Identity Object I fill the fields in the Include section as follows:
So I have three cases to create the CX Identity Object, Group corresponding to the AD group, user empty to take all the user in the group and the only field that changes is the Identity Object.
So I want to know if I'm making something wrong or I'm missing something.
Please let me know if need something to help me with my problem, thanks a lot.
Known and Unknown users are special groups and they do not refer to AD authenticated users. You will need to create your own CX group and add your AD groups into that if you want a single group with "Authenticated" users and "Un-Authenticated Users"
Hope it helps.