Cisco Systems CSACS3415K9 Computer Accessories User Manual


 
Contents
User Guide for Cisco Secure Access Control System 5.4
OL-26225-01
Viewing and Performing Bulk Operations for Internal Identity Store Hosts
Management Hierarchy
Attributes of Management Hierarchy
Configuring AAA Devices for Management Hierarchy
Configuring Users or Hosts for Management Hierarchy
Configuring and Using UserIsInManagement Hierarchy Attribute
Configuring and Using HostIsInManagement Hierarchy Attributes
Managing External Identity Stores
LDAP Overview
Directory Service
Authentication Using LDAP
Multiple LDAP Instances
Failover
LDAP Connection Management
Authenticating a User Using a Bind Connection
Group Membership Information Retrieval
Attributes Retrieval
Certificate Retrieval
Creating External LDAP Identity Stores
Configuring an External LDAP Server Connection
Configuring External LDAP Directory Organization
Deleting External LDAP Identity Stores
Configuring LDAP Groups
Viewing LDAP Attributes
Leveraging Cisco NAC Profiler as an External MAB Database
Enabling the LDAP Interface on Cisco NAC Profiler to Communicate with ACS
Configuring NAC Profile LDAP Definition in ACS for Use in Identity Policy
Troubleshooting MAB Authentication with Profiler Integration
Microsoft AD
Machine Authentication
Attribute Retrieval for Authorization
Group Retrieval for Authorization
Certificate Retrieval for EAP-TLS Authentication
Concurrent Connection Management
User and Machine Account Restrictions
Machine Access Restrictions
Distributed MAR Cache
Dial-In Permissions
Callback Options for Dial-In users
Joining ACS to an AD Domain