Buy or Renew
Buy or Renew
Duo Security forums now LIVE! Get answers to all your Duo Security questions. Learn more
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Search instead for 
Did you mean: 
cancel
Start a conversation
369
Views
0
Helpful
2
Replies

ACS 5.x: Authenticating nested LDAP groups

Go to solution
Nadav
Level 7
Level 7

‎03-17-2016 09:48 AM - edited ‎03-10-2019 11:35 PM

Hi everyone,

Is it possible with ACS 5.x (specifically 5.8) to authenticate ldap groups nested in other ldap groups? For example Operational_Users is an LDAP group which contains a group called Florida_Operations. Can I via LDAP integration add Operational_Users and assign it to an Access Policy, so that all the groups within it are also authenticated by this Access Policy?

Labels:
0 Helpful
1 Accepted Solution

Accepted Solutions

Go to solution
Aditya Ganjoo
Cisco Employee
Cisco Employee

‎03-17-2016 10:36 AM

Hi,

Nested groups with LDAP is not supported on ACS 5.8.

However, nested and transitive groups are supported with AD.

Regards,

Aditya

Please rate helpful posts.

View solution in original post

0 Helpful
2 Replies 2

Go to solution
Aditya Ganjoo
Cisco Employee
Cisco Employee

‎03-17-2016 10:36 AM

Hi,

Nested groups with LDAP is not supported on ACS 5.8.

However, nested and transitive groups are supported with AD.

Regards,

Aditya

Please rate helpful posts.

0 Helpful

Go to solution
Nadav
Level 7
Level 7
In response to Aditya Ganjoo

‎03-18-2016 04:58 AM

Thanks Aditya!

Is this documented in the white papers? I found information regarding nested groups with AD but nothing regarding nested groups with LDAP.

0 Helpful
Customers Also Viewed These Support Documents