ACS5: method of different external authentication for each user account

ACS4 I could specify a different external authentication for each user account. I'm trying to find a way to do the same thing to the ACS 5? When I go under identity in Access Services, I see the system requirement: username I can use to identify the user who logs in, so that I can directly to a source of different identity, but the separate political configuration for each user is very inconvinient and would require hundreds of policies, in our case.

I was hoping that we can create a kind of attribute for each user. SysAdmin > Configuration > dictionaries > identity > internal users. I created the new attribute called 'Storage of identity' with the enumeration type, which has 4 values: internal, Entrust Token, Token RSA, counts AD and checked the box "add a political Condition." I can then go under each user and select the storage of identity for each user. But now I can't find where I can use under part of identity of an access policy. I can use it under "Group mapping" but that maps to one group and not to an identity store. I need to use it under the identity somehow, but I can't find how.

Hello Roman,

The attribute you created will be available when the user is authenticated through internel ID store, so that you cannot use to select the store ID.

The best way to do this would be to use other attributes to differentiate the identity store.
Allows you to create a sequence of identity store so that for each user, ACS will try to authenticate by using multiple identity store.

For example, you can use these:

Network status

> End Station filter

> Device filter

> Devide filter Ports

Here you can import filters from a file and it would therefore be more scalable.

Hope this helps.

Tags: Cisco Security

Similar Questions

  • Why my logon screen icon double for each user account? What should I do?

    Please help me with my problem

    Why my logon screen icon double for each user account?

    What should I do?

    Hello

    Most likely, this is caused by a 3rd party "software logon." For example, Omnipass is known to cause these 'issues '.

    Please take a look here:

    http://social.msdn.Microsoft.com/forums/en-us/WindowsSecurity/thread/22d7fc0a-595c-4b7c-B195-a19e73e06db3/

    I hope this helps.

    Best regards

    Mieke

  • separate e-mail for each user account

    Have the user accounts for my wife and me.  We operate separate e-mail addresses but when frst open Outlook Express all emails appear rather than being sorted to each user. How to achieve good sense of emails for two users accounts?

    If you are using Outlook Express:

    http://www.Microsoft.com/communities/newsgroups/list/en-us/default.aspx?DG=Microsoft.public.outlookexpress.General&cat=en_us_67ae557e-CEEA-4691-9CF6-efbe673e7b70&lang=en&CR=us

    Discussions in microsoft.public.outlookexpress.general

    They will help you in the Outlook discussion group to express above.

    See you soon.

    Mick Murphy - Microsoft partner

  • in the case of backup files, are both users of saved files, or files for each user must be backed up separately?

    original title: backup of files

    My wife and I use the same computer, but have different usernames (accounts).  My question is: when a backup occurs files, two files users are saved, or files for each user must be backed up separately?

    Hi toad133,

    ·         What type of backup that you talk too much?

    If you are referring to the automatic backup there backup everything that you have selected or defined to be backed up.

    If you are referring to the manual backup backs up what settings or files that you select to backup such as emails or files.

    Back up and restore: frequently asked questions

    http://Windows.Microsoft.com/en-us/Windows-Vista/back-up-and-restore-frequently-asked-questions

    I hope this helps!

    Halima S - Microsoft technical support.

    Visit our Microsoft answers feedback Forum and let us know what you think.

  • How can I stop Firefox profiles great taking place on the C drive for each user?

    I have several users on a Windows Server 2008 R2 Remote Desktop Server (Terminal Server) and all of them use Firefox. Each of their profiles become huge because of their Firefox profiles.

    Seems that all the space the file cache. (C:\Users\User\AppData\Local\Mozilla\Firefox\Profiles\Profile.default\Cache)

    Is it possible to implement a policy within the program to clear the cache for each user or each time the browser is closed or when the user disconnects?

    Hello nukeit108, you can set the preference browser.cache.disk.enable to false, then no cache file will be written to disk (does not affect the entries cached in RAM).

    See also http://kb.mozillazine.org/Locking_preferences

  • Where to store the TS files for each user on a Terminal Server in Windows 2008 Server

    I have a TS w 2008 R2 and have a program that requires files kept for each user in their own folder, where it configures in TS. Each user will have its own folder cache for this program

    Each user login for TS and have a user on a shared folder, this program should have updated files in this folder.

    Hi DavidBabbel,

    The question you have posted is related to the area and would be better suited to the TechNet community. Please visit the link below to find a community that will provide the best support.

    http://social.technet.Microsoft.com/forums/en-us/winserverTS/threads

  • It is necessary to download Google Chrome for each user on my Vista computer?

    Why, if I have more than one user, do I download google chrome for each user?  Is there a way I don't have to download a second for the other user?

    * original title - computer with more than one user *.

    Google Chrome since the normal download install personal folders to the user. This allows Chrome to be installed by users who have administrator privileges. Apparently you can install for all users with this procedure:

    http://www.Google.com/support/chrome/bin/answer.py?answer=118663

    Check Google forums, that applies and will be based in the future.

  • The opportunity to identify a specific storage for each user or security group.

    Hi all

    I asked how to specify storage for each user or security group on the server of the University Complutense of Madrid. ex. I want user 'weblogic' unable to download a document on the server of the University Complutense of Madrid, more than a gigabyte. the user can check in several files, but thetotal space for all files are not a gigabyte.

    Thank you

    I asked how to specify storage for each user or security group on the server of the University Complutense of Madrid. ex. I want user 'weblogic' unable to download a document on the server of the University Complutense of Madrid, more than a gigabyte. the user can check in several files and the total space for all files not exceeding a gigabyte.

    You can write a rule to achieve this where in the xStorageRule is evaluated based on any set of metadata such as dDocAuthor or dDocSecurityGroup etc., or a combination of metadata.

  • Is their any restrictions on the total facilities of cloud creative app after purchase of the monthly subscription for each user?

    Is their any restrictions on the total facilities of cloud creative app after purchase of the monthly subscription for each user? For example, an application may not be installed on more than 1 computer. (Or it will break the policy of licensing or software etc.) ?

    1. You can install the software on as many computers as you want
    2. You can activate the software to be used on a maximum of any two computers at the same time
    3. You can only use one of the simultaneously active installations.

  • WHY THE PGA IS REQUIRED FOR EACH USER?

    Hello everyone;

    I have a question about PGA.

    WHY THE PGA IS REQUIRED FOR EACH USER?

    What I got from google...

    Even if information analysis of SQL or PL/SQL is already available in the library of shared pool cache,

    the value that the user want to execute the statement select or update cannot be shared.

    I can't realize that someone can show an example of clear, if possible?

    DB version is 10.2.0.4.0

    OS: oracle linux 5.5

    Thanks in advance...

    PGA is memory private belonging to a specific user. This private memory contains of these pieces that is not supposed to be shared with others. For example, when you sort a part of the data, that does not mean all he wants too. If Oracle retains the sorted data requested by you in your own PGA. Similarly, if you want to query a table with a value of 10, it does not mean that all want the same thing. If these structures are stored in the PGA. For a more detailed description, read the link given by Hoek.

    HTH

    Aman...

  • Do I need separate Adobe contribute for each user copies?

    I'm looking into using Adobe Contribute as a CMS for our intranet. Each Department has their own section, which they would like to publish and modify as needed. My guess is 'Yes', but to confirm, if anyone knows - what I have to buy copies of Adobe Contribute for each user who will be granted these permissions? If there are 6 departments - are talking us about to buy 6 copies of Contribute to be installed on their computer? Please advice... Thank you!

    Hello

    Thank you to the Adobe community.

    I wish to inform you that a contribute license can be installed on both machines max, but executed on one machine at a time.

    In your case if 6 users will work to contribute entered then you will need to buy 6 licenses of Adobe Contribute. But if only three users will work on this topic at a time then 3 licenses of contribute would be sufficient for you.

    I hope this helps!

    Shekhar

  • Password reset disk error - "year error occurred while the wizard attempted to set the password for this user account.

    Hello!

    -A bit of background: the desktop PC that I use is Windows Vista Ultimate Edition, with active user accounts total five. I have my own account, and I can access the computer through (or through account from my brother, because I know its password).--

    I had this problem recently came where the administrator password (that I know for a long time and never changed) no longer works. So, after some research, I created a reset password on a USB disk, that I found in my house. I managed to create the disc, but when I tried to put the new password, I got the message error "an error occurred while the wizard attempted to set the password for this user account', which I must say is not very clear. I found a few methods of force - reset the password for the account of the admin, as using a sort of Windows Vista DVD or go to Safe Mode to find the hidden administrator account... but I have no idea what this DVD is or where to find, and in Safe Mode, there is no account user administrator to be seen. I believe that my machine is corrupted, but I don't want to buy a new. I want just to reset a password...

    Any help is appreciated. If I was not specific enough, I can specify in comments.

    Thank you!

    Hello

    You must make a password reset disk before that there are problems with a password, not afterwards.

    ________________________________________________________________

    Read this for your problem:

    http://support.Microsoft.com/kb/940765

    If you are unable to connect to Windows 7 or Windows Vista, you can use the Windows Vista System Restore feature, or the Windows 7 system restore feature.

    You may be unable to connect to Windows Vista or Windows 7 in the following scenarios:

    • Scenario 1: You recently set a new password for the protected administrator account. However, you don't remember the password.
    • Scenario 2: You type the correct password. However, Windows Vista or Windows 7 does not accept the password because the system is damaged.
    • Scenario 3: You delete a protected administrator account. Now, you cannot connect to another administrator account.
    • Scenario 4: You change an administrator account protected with a standard user account. Now, you cannot connect to another administrator account.

    You can also borrow and use a Microsoft Vista DVD, which contains the files for the different editions of Vista (Home Basic, Home Premium, Business and Ultimate) must be installed. The product key on your computer / Laptop box determines what Edition is installed.

    Other manufacturers recovery DVDs are should not be used for this purpose.

    _____________________________________________________________

    Microsoft prohibits any help given in these Forums for you help bypass or "crack" passwords lost or forgotten.

    Here's information from Microsoft, explaining that the policy:

    http://answers.Microsoft.com/en-us/Windows/Forum/Windows_7-security/keeping-passwords-secure-Microsoft-policy-on/39f56ef0-5d68-41AD-9daa-6e6019c25d37

    See you soon.

  • Download firefox 10, Setup asked for the user account, enter the type of w/admin myPC, firefox exit installtion (Toshiba A665/I7/windoe 7)

    My computer is Toshiba A665 w/Intel core I7 and Windows 7 installed. When I run the installer of firefox 10, he asked for the user account ID and password. I entered the name of the computer that is mine with admin enter the account and a correct password. Installation of Firefox to quit smoking. No screen / another reply?

    Hello

    Please try a right click on the downloaded file and select run as administrator.

  • Forgotten password for XP user account and did not password reset disk, how can I get in

    Forgotten password for XP user account and did not password reset disk, how can I get in

    Michael,

    Microsoft technical support engineers cannot help you recover the passwords of the files and Microsoft who are lost or forgotten product features. For more information about this policy, please refer to the below sticky...

    http://social.answers.Microsoft.com/forums/en-us/w7security/thread/39f56ef0-5d68-41AD-9daa-6e6019c25d37

  • How to create a password for the user account for my child?

    How to create a password for the user account for my child?

    You can create the user with the parental control account. This will act as a protection for the child's account.

    You can take a look at the following links on setting up parental controls:

    http://Windows.Microsoft.com/en-us/Windows/set-up-family-safety#set-up-family-safety=Windows-7

    http://Windows.Microsoft.com/en-us/Windows/set-parental-controls#1TC=Windows-7

    http://www.howtogeek.com/HOWTO/10524/how-to-use-parental-controls-in-Windows-7/

Maybe you are looking for

  • How can I get Office 365 to sinc with my ipad and Iphone?

    How can I get Office 365 to sinc with my ipad and Iphone?

  • Enable ios problem 9.3

    My product name: Ipad 2 Storage capacity: 32 GB iOS: "9.3". Firstly I have updated ios 9.3 on my ipad 2. Now my ipad 2 not activate with itunes. So, it's time that I can't use my ipad2. Please solve my problem. I'm trying to very many but can not act

  • Atrix HD: Unable to setup email!

    I just got my HD Atrix today, and he refuses to acknowledge my e-mail lequipetv.fr address! I'm completely frustrated about what to do. Whenever I try to configure the email it says that my password is incorrect. But of course, I can connect to my em

  • precision of timestamp

    When Labview run on a pc (and not a system in real time like a CRIO), what is the accuracy of the LabVIEW release timestamp function?  I want to assure you that I understand that, when interpreting the data for a project, because I'm the time is broa

  • Error HP DL380 G5 Windows 2008 R2 VM

    "I'm loading windows server 2008 R2 and run a VM in manaer Server and when I click on the vm and select installed, the problem says" hypervisor "not... activate atually I already enable in the BIOS and when I prepare WindowsServer 2012 on this machin