Each user or group can be homed to different authentication databases or
even the local ACS database. You just need to configure everything to play
nicely together. I'd think our CCIE Security types would be the best people
to ask.
On Fri, Sep 25, 2009 at 8:42 AM, Iwan Hoogendoorn <iwan_at_ipexpert.com> wrote:
> If I am correct you can work woth different groups between ACS and Windows
> AD.
> This means you can assign rights to a specific groups ...
>
> --
> Regards,
>
> Iwan Hoogendoorn
> CCIE #13084 (R&S / Security / SP)
> Sr. Support Engineer IPexpert, Inc.
> URL: http://www.IPexpert.com <http://www.ipexpert.com/>
>
> On Fri, Sep 25, 2009 at 1:01 PM, Adrian <ccie2323_at_gmail.com> wrote:
> > Hi experts,
> > I'm trying to deploy 1 ACS for a few uses, i would like the
> > ACS to provide 802.1x authentication to my wireless users, the ACS will
> > check user credential with the AD. At the same time i would like to limit
> > only 1 group of users (network admin) to be able to use their AD username
> > and password to login when they telnet to cisco switches via tacacs+, i
> > would not want other users in the AD to be able to use thier AD username
> and
> > password to be able to login to the switches is there a way to do that?
> >
> >
> > Blogs and organic groups at http://www.ccie.net
> >
> > _______________________________________________________________________
> > Subscription information may be found at:
> > http://www.groupstudy.com/list/CCIELab.html
>
>
> Blogs and organic groups at http://www.ccie.net
>
> _______________________________________________________________________
> Subscription information may be found at:
> http://www.groupstudy.com/list/CCIELab.html
Blogs and organic groups at http://www.ccie.net
Received on Fri Sep 25 2009 - 09:01:25 ART
This archive was generated by hypermail 2.2.0 : Sun Oct 04 2009 - 07:42:04 ART