I am new to ACS so my apologies if this is a n00b question or in the documentation, I have viewed the documented but I am not finding how to accomplish what I am trying to accomplish.
I have setup Cisco ACS to authenticate to the external Windows database (Active Directory). I have two domains, Domain A and Domain B. I have domain mappings setup to point ACS to each of the domains and the NT group within each domain with the user accounts I want to authenticate. I want to have some of our network devices to authenticate ONLY against Domain A and some of our network devices to authenticate ONLY against Domain B. I am not certain how to "segment" the network devices in ACS so that they only authenticate against the chosen domain. Right now all devices authenticate against either domain mapping. What is the best way of going about implementing this "segmentation"?
We are on ACS version 4.0. The network devices right now are only Lantronix SCS100 console servers attached to Cisco 1751-V routers. In the future we will have other network devices authenticate here and will have VPN connections terminated on our ASAs authenticate here as well.
Thanks. Robert Phillips, CCNA