Lab Minutes Forum
Technical Discussion => Security => Topic started by: adecisco on September 21, 2013, 11:17:54 PM
-
MC please a quick one.
How can one ensure single logon for AD users. Situation exist where one users open multiple login session on different computer.
I know with ISE 1.2 guest session can be limited to one single signon but have been looking at corporate users using AD to login.
Thanks.
-
That's an interesting question, adecisco. Like you said, you can limit number of concurrent guest login and number of registered device per user but I haven't come across a way to limit number of AD user login. I would think it would have to be a by number of active RADIUS session for the user but I doubt that there is a condition attribute that does this check that you can use.
-
It was confirm by Cisco that the feature is not available. I keep thinking of way to hack this though!
-
Yeah.. I am thinking the same but you would need to keep track of the number of active RADUS session for the user. ISE already have that information, it just need to make it available for us to use.