Scenario: Users belong to three Authentication, Authorization and Auditing (AAA) groups: Corporate, Finance and Software.
Show aaa groups:
>show aaa group
1) GroupName: Corporate
2) GroupName: Finance
3) GroupName: Software
Done
>s
how aaa group Corporate
GroupName: Corporate
Weight: 0
Authorization Policy: pol_1, Type: Classic, Priority: 0
> add authorization policy pol_1 ns_true ALLOW
> bind aaa group Corporate -policy pol_1
The user is being denied resources while aaad.debug show
s:
Group -cporporate- being extracted for user User1
Why is the user being denied access?
A. The Authorization policy is NOT configured properly.
B. The group attribute is NOT configured in the LDAP policy.
C. AAA group names are NOT the same as those in
Active Directory/
D. LDAP Base DN is incorrect.