Acs+802.1x+aaa+ad+ca Detailed configuration tutorial (iii)

Source: Internet
Author: User

3. with the AD Integrated (This article focuses on the introduction, it took me a day to study out, hehe!) )

Enter Externaluser Databases page, there are 3 options under this page :

A) Unknown User Policy

b) Database Group Mappings

c) Database Configuration

650) this.width=650; "src=" http://s3.51cto.com/wyfs02/M02/54/30/wKiom1R7wHqjmuSeAAJL6xJjXZk208.jpg "title=" 1.png " alt= "Wkiom1r7whqjmuseaajl6xjjxzk208.jpg"/>

Section1Step:Unknown User Policy

The role here is when when ACS detects non-local users, it can go to the external database, so this is why ACS joins the domain, moving Windows Database to the right and committing

650) this.width=650; "src=" http://s3.51cto.com/wyfs02/M00/54/2F/wKioL1R7wQ-z3V8RAAJxuHHRwsU978.jpg "title=" 2.png " alt= "Wkiol1r7wq-z3v8raajxuhhrwsu978.jpg"/>

Section2Step:Database Configuration, selectWindows Database.

650) this.width=650; "src=" http://s3.51cto.com/wyfs02/M01/54/2F/wKioL1R7wRvi5NJTAAH0f-S61wk745.jpg "title=" 3.png " alt= "Wkiol1r7wrvi5njtaah0f-s61wk745.jpg"/>

Select configuration

650) this.width=650; "src=" http://s3.51cto.com/wyfs02/M02/54/2F/wKioL1R7wSSzGPHhAAHWGsdvTos431.jpg "title=" 4.png " alt= "Wkiol1r7wsszgphhaahwgsdvtos431.jpg"/>

As set:

650) this.width=650; "src=" http://s3.51cto.com/wyfs02/M01/54/2F/wKioL1R7wS2BI0loAAJ2BJm3rUg704.jpg "title=" 5.png " alt= "Wkiol1r7ws2bi0loaaj2bjm3rug704.jpg"/>

650) this.width=650; "src=" http://s3.51cto.com/wyfs02/M01/54/30/wKiom1R7wK3gNQg1AAJx21JuEg0434.jpg "title=" 6.png " alt= "Wkiom1r7wk3gnqg1aajx21jueg0434.jpg"/>

650) this.width=650; "src=" http://s3.51cto.com/wyfs02/M02/54/30/wKiom1R7wLvxbOHAAAIsYDgHtuc716.jpg "title=" 7.png " alt= "Wkiom1r7wlvxbohaaaisydghtuc716.jpg"/>

650) this.width=650; "src=" http://s3.51cto.com/wyfs02/M00/54/2F/wKioL1R7wUuysT5gAAJ2cP6PFMg423.jpg "title=" 8.png " alt= "Wkiol1r7wuuyst5gaaj2cp6pfmg423.jpg"/>

Final submission.

Section3Step:Group Mapping, putADthe inside of the group withAcsThe group inside does a mapping, and the effect is throughADthe user in the inside does the authentication,AcsGroup Policy to authorize.

650) this.width=650; "src=" http://s3.51cto.com/wyfs02/M01/54/2F/wKioL1R7wVbgLewgAAHXZDMybiQ924.jpg "title=" 9.png " alt= "Wkiol1r7wvbglewgaahxzdmybiq924.jpg"/>

Select New

650) this.width=650; "src=" http://s3.51cto.com/wyfs02/M02/54/2F/wKioL1R7wV_QOxU_AAHCskwvEec490.jpg "title=" 10.png "alt=" Wkiol1r7wv_qoxu_aahcskwveec490.jpg "/>

Select NAC After this domain is submitted

650) this.width=650; "src=" http://s3.51cto.com/wyfs02/M02/54/2F/wKioL1R7wXbSDb7yAAIT5gnlsuo341.jpg "title=" 11.png "alt=" Wkiol1r7wxbsdb7yaait5gnlsuo341.jpg "/>

Select NAC configures this domain

650) this.width=650; "src=" http://s3.51cto.com/wyfs02/M02/54/30/wKiom1R7wPSjw4V5AAHioh4lf1g560.jpg "title=" 12.png "alt=" Wkiom1r7wpsjw4v5aahioh4lf1g560.jpg "/>

Select Add Mapping

650) this.width=650; "src=" http://s3.51cto.com/wyfs02/M00/54/2F/wKioL1R7wYTgUfKiAAH7iOxq_7M325.jpg "title=" 13.png "alt=" Wkiol1r7wytgufkiaah7ioxq_7m325.jpg "/>

Add the members of the domain as needed, and here I choose Users,domain Admins,Domain Users. Then the ACS group selects the corresponding groups of ACS (the entire experimental process I use only the default group), and then submit!

650) this.width=650; "src=" http://s3.51cto.com/wyfs02/M00/54/30/wKiom1R7wQSCVL02AAJEh80Qn9g327.jpg "title=" 14.png "alt=" Wkiom1r7wqscvl02aajeh80qn9g327.jpg "/>

so far, ACS already can and AD it's integrated.


Video sharing: Http://www.dwz.cn/lij9D

Acs+802.1x+aaa+ad+ca Detailed configuration tutorial (iii)

Contact Us

The content source of this page is from Internet, which doesn't represent Alibaba Cloud's opinion; products and services mentioned on that page don't have any relationship with Alibaba Cloud. If the content of the page makes you feel confusing, please write us an email, we will handle the problem within 5 days after receiving your email.

If you find any instances of plagiarism from the community, please send an email to: info-contact@alibabacloud.com and provide relevant evidence. A staff member will contact you within 5 working days.

A Free Trial That Lets You Build Big!

Start building with 50+ products and up to 12 months usage for Elastic Compute Service

  • Sales Support

    1 on 1 presale consultation

  • After-Sales Support

    24/7 Technical Support 6 Free Tickets per Quarter Faster Response

  • Alibaba Cloud offers highly flexible support services tailored to meet your exact needs.