ACS External Database Designation

Discussion in 'Cisco' started by gorbash, Jul 8, 2004.

  1. gorbash

    gorbash Guest

    Hello All,

    I am trying to use External Databases to decide what Network devices users
    can attach to. I'm not even sure about the terminology involved. Basically I
    have 1 ACS server and 4 clients(vpn, bluesocket, modem pool, airespace). I
    have configured successfully so that anyone in our NDS tree(employees) is
    authenticated against the NDS database through the ACS server. I have also
    configured students to successfully authenticate against an LDAP external
    database. Now I'm stuck trying to figure out how to designate what resources
    users can connect to. IE: Employees connected to NDS can have everything but
    students connected through LDAP can only authenticate to bluesocket and
    airespace. Currently All the devices are in the not assigned network device
    group as well as the ACS box itself. I tried creating a student and employee
    device group but got lost at that point and rolled back to a working(albeit
    unsecured) config.

    I have perused cisco's site and nothing really breaks down what I am trying
    to do. I don't wanna restrict IP's I want to actually deny authentication to
    the device based on the external database your user authenticated against.

    Hope that I have been semi-clear about what I'm going for. Any help would be
    greatly appreciated.

    gorbash, Jul 8, 2004
    1. Advertisements

Ask a Question

Want to reply to this thread or ask your own question?

You'll need to choose a username for the site, which only take a couple of moments (here). After that, you can post your question and our members will help you out.