Hi Stefan,
The User "Test" is registered in Internal User with a local password. But now I will authenticate the user "Test" from a RSA Token server. How can I configure this rule in "identity policy"? Wich condition matches to choose the identity source. I will set the internal user with an attribute enumeration field like "Password". The administrator should have an option to choose "locale databse password" or "token passcode".
In the identity, if you click on select, you can select the type of Database, you can choose RSA (you will first need to create the connection under Users and Identity Stores-->External Identity Stores-->RSA secure ID)
Another, way is you continue to use the internal users DB, but you go to that user internally and select the password type to be RSA
(you will first need to create the connection under Users and Identity Stores-->External Identity Stores-->RSA secure ID)
Group mapping is a feature to assign a local identity group as a result by choose conditions.
EG:
If (Active directory x) Then (Internal group x)
The IF is the condition and Then is Result.
https://supportforums.cisco.com/docs/DOC-34890
Hope this Helps.
Ed
**Share your knowledge. It’s a way to achieve immortality.
--Dalai Lama**
Please Rate if helpful.
Regards
Ed