Filter
Top Products
Chapter 12 Administering External User Databases
Database Group Mappings
12-16
Cisco Secure ACS 3.0 for Windows 2000/NT Servers User Guide
78-13751-01, Version 3.0
Step 5 If you are mapping a Windows NT/2000 group set, click the domain name for
which you want to configure a group set mapping.
Result: The Group Mappings for Domain: domainname table appears.
Step 6 If you are mapping a Novell NDS group set, click the name of the Novell NDS
tree for which you want to configure group set mappings.
Result: The Group Mappings for NDS Users table appears.
Step 7 Click Add Mapping.
Result: The Create new group mapping for database page opens. The group list
displays group names derived from the external user database.
Step 8 For each group to be added to the group set mapping, select the name of the
applicable external user database group in the group list, and then click Add to
selected.
Note A user must match all the groups in the Selected list in order for
Cisco Secure ACS to use this group set mapping to map the user to a
Cisco Secure ACS group; however, a user can also belong to other
groups (in addition to the groups listed) and still be mapped to a
Cisco Secure ACS group.
Tip To remove a group from the mapping, select the name of the group in the
Selected list, and then click Remove from selected.
Result: The Selected list shows all the groups that a user must belong to in order
to be mapped to a Cisco Secure ACS group.
Step 9 In the CiscoSecure group list, select the name of the Cisco Secure ACS group to
which you want to map users who belong to all the external user database groups
in the Selected list.
Note You can also select <No Access>. For more information about the <No
Access> group, see the “No Access Group for Group Set Mappings”
section on page 12-14.