We currently use a Cisco ASA (5510, 8.2) IPsec VPN client with RADIUS as a backend authentication service. We have configured IAS on one of our domain controllers to issue a RADIUS Accept/Deny based on the users' group membership within a "VPN Users"...
Thanks JK, I was thinking along those same lines, but came away stumped. Was your example a "theoretical" or verified? When I changed from RADIUS to LDAP and applied the Attribute Map - leaving default Group Policy as FullVPN - anyone in the Directory...
An 'OU' is not the same as a group. Users are typically spread throughout the hierarchy, and they are made members of a CN=groupName object using the memberOf attribute. Your subtree method ignores the 'group' and instead assumes that everyone to be ...