Authenticate the Cisco Devices using Active Directory

We want to authenticate and authorize the user on Cisco devices using the Microsoft Active Directory. In this tutorial, we want to create two Active Directory groups, Network Admin and Network Tech. Network Admin have full access to Cisco devices (privilege level 15) while Network Tech have custom access (like show commands including show running and interface configurations) only.

arbab belong to the Network Admin group

ali  belong to the Network Tech group

Network Policy and Access Services:

Before starting this tutorial, I assume that you have installed the Active Directory and it is up and running. Let’s start the tutorial by adding the NPS Role:

Start -> Administrative Tools -> Server Manager

Read more of this post