Press J to jump to the feed. Press question mark to learn the rest of the keyboard shortcuts

[CISCO] Mapping AD Users to DNA Center Scalable Groups

Sup guys

I am having a hard time finding out where and how i can map a AD Group (or specific AD Users) to Scalable Groups in my DNA Center. I think this needs to be done on my ISE, not really on my DNA.

ISE and DNA are already integrated - no problems here.

My AD is already joined to my ISE and i imported 3 groups to my ISE under ISE:

Work Center > Network Acces > External Identity Sources > Active Direktory Join > Name of my AD Join > Groups.

But i can not find out where i map those groups (or users) to belong to a SG which i can finally integrate to my virtual networks in my DNAC.

Thanks in advance and regards!

1 comment
78% Upvoted
What are your thoughts? Log in or Sign uplog insign up
level 1

Your auth-z rule. Ie

Dot1x and external group (AD GROUP: HR) assign profile + SGT HR.

Or mab + group level 2 printers = profile printers + Sgt printers.

Community Details





###Enterprise Networking Routers, switches and firewalls. Network blogs, news and network management articles. Cisco, Juniper, Brocade and more all welcome.

Create Post
r/networking Rules
Rule #1: No Home Networking.
Rule #2: No Certification Brain Dumps / Cheating.
Rule #3: No BlogSpam / Traffic re-direction.
Rule #4: No Low Quality Posts.
Rule #5: No Early Career Advice.
Rule #6: Educational Questions must show effort.
Cookies help us deliver our Services. By using our Services or clicking I agree, you agree to our use of cookies. Learn More.