Chapter 10 Managing Access Policies

Configuring Access Service Policies

Creating Policy Rules, page 10-37

Duplicating a Rule, page 10-38

Editing Policy Rules, page 10-38

Deleting Policy Rules, page 10-39

For information about configuring an identity policy for Host Lookup requests, see Configuring an Authorization Policy for Host Lookup Requests, page 4-20.

Related Topics

Configuring a Group Mapping Policy, page 10-26

Configuring a Session Authorization Policy for Network Access, page 10-29

Configuring a Session Authorization Policy for Network Access, page 10-29

Configuring Shell/Command Authorization Policies for Device Administration, page 10-34

Configuring Identity Policy Rule Properties

You can create, duplicate, or edit an identity policy rule to determine the identity databases that are used to authenticate the client and retrieve attributes for the client.

To display this page:

Step 1 Choose Access Policies > Access Services > service > Identity, then do one of the following:

Click Create.

Check a rule check box, and click Duplicate.

Click a rule name or check a rule check box, then click Edit.

Step 2 Complete the fields as shown in the Identity Rule Properties page described in Table 10-11:

 

User Guide for Cisco Secure Access Control System 5.3

10-24

OL-24201-01

Page 288
Image 288
Cisco Systems OL-24201-01 manual Configuring Identity Policy Rule Properties, 10-24