We have a NAC environment with users that are defined on the ACS. The groups are also defined on this machine.
The problem is that we have to move all the users from the ACS to the domain controller, so all the users will become AD users.
How do we have to configure the NAC environment to permit authentication via Active Directory instead of the RADIUS that runs on the ACS?
Thanks a lot!
I've already configured a RADIUS server on the "Auth Servers"... can you confirm that adding a new "LDAP" server will not influence or cause interruption of service for the roles that are already defined?
If I've understood correctly, the "Server mapping" must be done when we create the role... or not?
It will not cause any interruption.
In my environment an LDAP Auth Server is configured, and I did not need to map because I'm using just one Role, so this is configured as the Default Role in the Auth Server settings.
So, if that is so... only if you add more than one auth server can you choose the mapping?
I'm migrating the users from RADIUS (ACS) to LDAP (AD)... so I have a mixed environment for some time!!!
You have to create a mapping rule if you have two or more Roles authenticating in the same LDAP Auth Server, and not if you have two or more auth servers.
If the users authenticating today in the RADIUS Server (ACS) are associated with a single Role XYZ, then you can configure the LDAP Server linking users to the same Role XYZ.
You will have two providers for the same Role.