If I am correct you can work woth different groups between ACS and Windows AD.
This means you can assign rights to a specific groups ...
--
Regards,
Iwan Hoogendoorn
CCIE #13084 (R&S / Security / SP)
Sr. Support Engineer � IPexpert, Inc.
URL: http://www.IPexpert.com
On Fri, Sep 25, 2009 at 1:01 PM, Adrian <ccie2323_at_gmail.com> wrote:
> Hi experts,
> I'm trying to deploy 1 ACS for a few uses, i would like the
> ACS to provide 802.1x authentication to my wireless users, the ACS will
> check user credential with the AD. At the same time i would like to limit
> only 1 group of users (network admin) to be able to use their AD username
> and password to login when they telnet to cisco switches via tacacs+, i
> would not want other users in the AD to be able to use thier AD username and
> password to be able to login to the switches is there a way to do that?
>
>
> Blogs and organic groups at http://www.ccie.net
>
> _______________________________________________________________________
> Subscription information may be found at:
> http://www.groupstudy.com/list/CCIELab.html
Blogs and organic groups at http://www.ccie.net
Received on Fri Sep 25 2009 - 14:42:11 ART