Acs+802.1x+aaa+ad+ca Detailed configuration tutorial (iii)

3. with the AD Integrated (This article focuses on the introduction, it took me a day to study out, hehe!) )

Enter Externaluser Databases page, there are 3 options under this page :

A) Unknown User Policy

b) Database Group Mappings

c) Database Configuration

650) this.width=650; "src=" http://s3.51cto.com/wyfs02/M02/54/30/wKiom1R7wHqjmuSeAAJL6xJjXZk208.jpg "title=" 1.png " alt= "Wkiom1r7whqjmuseaajl6xjjxzk208.jpg"/>

Section1Step:Unknown User Policy

The role here is when when ACS detects non-local users, it can go to the external database, so this is why ACS joins the domain, moving Windows Database to the right and committing

650) this.width=650; "src=" http://s3.51cto.com/wyfs02/M00/54/2F/wKioL1R7wQ-z3V8RAAJxuHHRwsU978.jpg "title=" 2.png " alt= "Wkiol1r7wq-z3v8raajxuhhrwsu978.jpg"/>

Section2Step:Database Configuration, selectWindows Database.

650) this.width=650; "src=" http://s3.51cto.com/wyfs02/M01/54/2F/wKioL1R7wRvi5NJTAAH0f-S61wk745.jpg "title=" 3.png " alt= "Wkiol1r7wrvi5njtaah0f-s61wk745.jpg"/>

Select configuration

650) this.width=650; "src=" http://s3.51cto.com/wyfs02/M02/54/2F/wKioL1R7wSSzGPHhAAHWGsdvTos431.jpg "title=" 4.png " alt= "Wkiol1r7wsszgphhaahwgsdvtos431.jpg"/>

As set:

650) this.width=650; "src=" http://s3.51cto.com/wyfs02/M01/54/2F/wKioL1R7wS2BI0loAAJ2BJm3rUg704.jpg "title=" 5.png " alt= "Wkiol1r7ws2bi0loaaj2bjm3rug704.jpg"/>

650) this.width=650; "src=" http://s3.51cto.com/wyfs02/M01/54/30/wKiom1R7wK3gNQg1AAJx21JuEg0434.jpg "title=" 6.png " alt= "Wkiom1r7wk3gnqg1aajx21jueg0434.jpg"/>

650) this.width=650; "src=" http://s3.51cto.com/wyfs02/M02/54/30/wKiom1R7wLvxbOHAAAIsYDgHtuc716.jpg "title=" 7.png " alt= "Wkiom1r7wlvxbohaaaisydghtuc716.jpg"/>

650) this.width=650; "src=" http://s3.51cto.com/wyfs02/M00/54/2F/wKioL1R7wUuysT5gAAJ2cP6PFMg423.jpg "title=" 8.png " alt= "Wkiol1r7wuuyst5gaaj2cp6pfmg423.jpg"/>

Final submission.

Section3Step:Group Mapping, putADthe inside of the group withAcsThe group inside does a mapping, and the effect is throughADthe user in the inside does the authentication,AcsGroup Policy to authorize.

650) this.width=650; "src=" http://s3.51cto.com/wyfs02/M01/54/2F/wKioL1R7wVbgLewgAAHXZDMybiQ924.jpg "title=" 9.png " alt= "Wkiol1r7wvbglewgaahxzdmybiq924.jpg"/>

Select New

650) this.width=650; "src=" http://s3.51cto.com/wyfs02/M02/54/2F/wKioL1R7wV_QOxU_AAHCskwvEec490.jpg "title=" 10.png "alt=" Wkiol1r7wv_qoxu_aahcskwveec490.jpg "/>

Select NAC After this domain is submitted

650) this.width=650; "src=" http://s3.51cto.com/wyfs02/M02/54/2F/wKioL1R7wXbSDb7yAAIT5gnlsuo341.jpg "title=" 11.png "alt=" Wkiol1r7wxbsdb7yaait5gnlsuo341.jpg "/>

Select NAC configures this domain

650) this.width=650; "src=" http://s3.51cto.com/wyfs02/M02/54/30/wKiom1R7wPSjw4V5AAHioh4lf1g560.jpg "title=" 12.png "alt=" Wkiom1r7wpsjw4v5aahioh4lf1g560.jpg "/>

Select Add Mapping

650) this.width=650; "src=" http://s3.51cto.com/wyfs02/M00/54/2F/wKioL1R7wYTgUfKiAAH7iOxq_7M325.jpg "title=" 13.png "alt=" Wkiol1r7wytgufkiaah7ioxq_7m325.jpg "/>

Add the members of the domain as needed, and here I choose Users,domain Admins,Domain Users. Then the ACS group selects the corresponding groups of ACS (the entire experimental process I use only the default group), and then submit!

650) this.width=650; "src=" http://s3.51cto.com/wyfs02/M00/54/30/wKiom1R7wQSCVL02AAJEh80Qn9g327.jpg "title=" 14.png "alt=" Wkiom1r7wqscvl02aajeh80qn9g327.jpg "/>

so far, ACS already can and AD it's integrated.

Video sharing: Http://www.dwz.cn/lij9D

Acs+802.1x+aaa+ad+ca Detailed configuration tutorial (iii)