Group Mapping By Group Set Membership - Cisco 2509 - Router - EN User Manual
User guide
Hide thumbs
Also See for 2509 - Router - EN:
- Getting started manual (57 pages) ,
- User manual (108 pages)
Table of Contents
Advertisement
Database Group Mappings
Group Mapping by Group Set Membership
Note
User Guide for Cisco Secure ACS for Windows Server
12-14
For more information about group specification for RADIUS token
Note
servers, see
RADIUS-Based Group Specification, page
information about group specification for ODBC databases, see
Cisco Secure ACS Authentication Process with an ODBC External User
Database, page
You can create group mappings for some external user databases based on the
combination of external user database groups to which users belong. The
following are the external user database types for which you can create group
mappings based on group set membership:
Windows NT/2000
•
•
Novell NDS
•
Generic LDAP
Windows NT/2000 databases are defined by domain name.
When you configure a Cisco Secure ACS group mapping based on group set
membership, you can add one or many external user database groups to the set.
For Cisco Secure ACS to map a user to the specified Cisco Secure ACS group, the
user must match all external user database groups in the set.
As an example, you could configure a group mapping for users who belong to both
the Engineering and Tokyo groups and a separate one for users who belong to both
Engineering and London. You could then configure separate group mappings for
the combinations of Engineering-Tokyo and Engineering-London and configure
different access times for the Cisco Secure ACS groups to which they map. You
could also configure a group mapping that only included the Engineering group
that would map other members of the Engineering group who were not members
of Tokyo or London.
Chapter 12
11-41.
Administering External User Databases
12-22. For more
78-14696-01, Version 3.1
- Quick Links:
- Table of Contents
Hide quick links:
Advertisement
Table of Contents
