Preview Tool

Cisco Bug: CSCum91020 - DOC - ACS Dynamic Attribute Mapping with NDG Needs to be Documented

Last Modified

Mar 01, 2017

Products (1)

  • Cisco Secure Access Control Server Solution Engine

Known Affected Releases


Description (partial)

Documentation needs to be published on CCO to detail the proper formatting for the configuration of ACS string identity attributes when used with Dynamic Attribute Mapping.

- ACS 5.x
- Dynamic attribute mapping is used in AuthZ rule to dynamically identify whether rule is matched based on identity string attribute defined within username configuration

1. Create an internal user identity string attribute
2. Create a NDG location group
3. Associate device with NDG location group
4. Create an internal user account using the identity string attribute from step 1 to match a particular NDG:location
5. Bind this all together in an AuthZ rule to allow the policy to be matched dynamically if the identity string attribute configured in the username matches the NDG:Location of the device user is authenticating from
Bug details contain sensitive information and therefore require a account to be viewed.

Bug Details Include

  • Full Description (including symptoms, conditions and workarounds)
  • Status
  • Severity
  • Known Fixed Releases
  • Related Community Discussions
  • Number of Related Support Cases
Bug information is viewable for customers and partners who have a service contract. Registered users can view up to 200 bugs per month without a service contract.