maybe OT: RSA ACE/Server - SecurID login from NAS

Hi,

I have several NAS (Citrix servers, Cisco VPN3030) from which users can log in via Tokencard and ACE/Servers (SDI). Now I want to be able to tell that a specific user can only log in from a specific NAS, and not any other NAS.

How can this be done on win32 servers version 5.1.1?

Next logical question is: Are there any utils/tools that can help me do this for 1600+ users?

Regards, Martin

Martin Bilgrav

Don't quote me, but I think you're going to have to set up separate ACE servers and point the devices to the ACE server that houses the accounts for that device's users. HTH

Robert


What you are saying is that I need dedicated servers for each NAS?

Martin Bilgrav

Actually, now that I think about it more, I would assign users to specific groups, and assign those groups only to the device that you want the users to log on to. For example, if you only want accounting folks to log on to NAS-A, assign them to the accounting group and put that on NAS-A. Do likewise for other groups and NAS's. Does that make sense?

Robert


"Robert" wrote in a message: For example, if you only want accounting

Both yes and no, it makes sense.

I think that this should be done on a per-user basis, since the condition where a user needs to be allowed both NAS-a and NAS-b, but not NAS-c, then what?

But if this can be done - like Cisco ACS - with network device groups, then it makes sense.

Martin Bilgrav

Makes perfect sense. I'm a consultant to RSA. What Robert recommends -- assign users to groups, then assign each group to the specific NAS devices you want those users to use -- is almost surely what Martin's RSA SSE would recommend if he had been asked.

Surete, _Vin

Vin McLellan

Also when I want to have some users allowed on several NAS, but not all NAS?

Martin Bilgrav

Then you would include their group on several NAS and point them to the appropriate server.

Robert
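The group approach discussed in this thread, worked through as an added example that is not part of any post and does not use any ACE/Server tool or API. It derives one group per distinct set of NAS devices from a per-user wish list, then audits the resulting plan for users who would get more or less access than intended. The user names, group names and the assumption that a NAS admits only members of groups enabled on it are all hypothetical.

```python
from collections import defaultdict

# Constructed sample: desired NAS access per user (all names are hypothetical).
DESIRED = {
    "alice": {"NAS-A"},
    "bob": {"NAS-A", "NAS-B"},
    "carol": {"NAS-A", "NAS-B"},
    "dave": {"NAS-C"},
    "erin": set(),  # token holder who should reach no NAS at all
}

def plan_groups(desired):
    """Put users with identical NAS sets in one group; enable it on each NAS."""
    by_set = defaultdict(list)
    for user, nas_set in desired.items():
        if nas_set:  # no group for users with no NAS, so nothing admits them
            by_set[frozenset(nas_set)].append(user)
    groups, nas_to_groups = {}, defaultdict(set)
    for nas_set in sorted(by_set, key=sorted):
        name = "grp_" + "+".join(sorted(nas_set))
        groups[name] = sorted(by_set[nas_set])
        for nas in nas_set:
            nas_to_groups[nas].add(name)
    return groups, dict(nas_to_groups)

def effective_access(groups, nas_to_groups):
    """Recompute who can log in where from the group plan alone."""
    access = defaultdict(set)
    for nas, names in nas_to_groups.items():
        for name in names:
            for user in groups[name]:
                access[user].add(nas)
    return dict(access)

def audit(desired, groups, nas_to_groups):
    """Return {user: (wanted, actual)} for every user whose access differs."""
    actual = effective_access(groups, nas_to_groups)
    return {u: (sorted(want), sorted(actual.get(u, set())))
            for u, want in desired.items() if actual.get(u, set()) != want}

if __name__ == "__main__":
    groups, nas_to_groups = plan_groups(DESIRED)
    for nas in sorted(nas_to_groups):
        print(nas, "->", sorted(nas_to_groups[nas]))
    print("mismatches:", audit(DESIRED, groups, nas_to_groups))
```

The number of groups equals the number of distinct NAS combinations in use, not the number of users, which is what keeps this manageable at 1600+ accounts.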
