Chapter 5 Configuring User Group Permissions

Mapping to Active Directory Groups

Mapping to Active Directory Groups

If a sponsor authenticates to the Cisco NAC Guest Server using Active Directory authentication then the Cisco NAC Guest Server can map them into a user group by their membership in Active Directory groups.

If you have configured AD authentication (as described in Configuring Active Directory (AD) Authentication, page 4-5), then the Guest Server automatically retrieves a list of all the groups configured within all the AD servers configured.

Selecting an Active Directory Group from the dropdown provides all sponsor users who are in this AD group the permissions of this group.

Step 1 Select Active Directory Mapping from the top menu when in the add user group or edit user group screen.

Figure 5-8 Active Directory Group Mapping

Step 2 Select the group you wish to match against and click the Assign Group button.

Note By default, Active Directory only returns a maximum of 1000 groups in response to a Cisco NAC Guest Server search. If you have more than 1000 groups and have not increased the LDAP search size, it is possible that the group you want to match will not appear. In this situation, you can manually enter the group name in the Active Directory Group combo box.

Mapping to LDAP Groups

If a sponsor authenticates to the Cisco NAC Guest Server using LDAP authentication then the Cisco NAC Guest Server can map them into a user group by their membership of LDAP groups.

Based on the settings of the LDAP server that you authenticate against the Cisco NAC Guest Server will use one of two methods for mapping the sponsor using group information.

There are two main methods that LDAP servers use for assigning users to groups.

Cisco NAC Guest Server Installation and Configuration Guide

5-8

OL-15986-01

 

 

Page 64
Image 64
Cisco Systems OL-15986-01 manual Mapping to Active Directory Groups, Mapping to Ldap Groups

OL-15986-01 specifications

Cisco Systems OL-15986-01 refers to a specific online training course offered by Cisco, primarily focusing on the implementation and configuration of Cisco routers and switches. This course is part of the larger Cisco Networking Academy program, designed to equip individuals with the necessary skills to enter and succeed in the networking field.

One of the main features of OL-15986-01 is its comprehensive curriculum that covers a wide range of networking concepts including IP addressing, routing protocols, switching technologies, and network management. The coursework emphasizes practical, hands-on experience, allowing students to work with various Cisco technologies, whether through simulations or actual equipment. This aligns with Cisco's commitment to experiential learning, enabling students to apply theoretical knowledge in real-world scenarios.

The course also incorporates advanced technologies and methodologies. For example, it delves into IPv6 addressing and its significance in modern networking, alongside traditional IPv4. Routing protocols such as OSPF, EIGRP, and BGP are discussed in detail, providing learners with insights into how data is routed efficiently across different networks. Additionally, the course covers switching technologies, including VLANs, STP, and EtherChannel, which are essential for configuring robust and efficient local area networks (LANs).

Another noteworthy characteristic of OL-15986-01 is its focus on network security. Students learn about the vulnerabilities that networks face and how to implement security measures to protect network infrastructure. Topics include secure access methods, firewall configurations, and the use of VPNs for secure remote access.

Furthermore, the course emphasizes troubleshooting techniques, empowering students with the skills to identify and resolve network issues effectively. Practical lab sessions and assessments allow learners to demonstrate their comprehension of networking principles and their ability to apply them in various situations.

Ultimately, Cisco Systems OL-15986-01 is designed for individuals seeking to boost their networking knowledge and skillset, paving the way for careers in IT infrastructure management, network engineering, and other technology-related fields. By completing this course, participants gain a solid foundation in networking that can lead to valuable Cisco certifications, enhancing their professional credibility in a competitive job market.