I have IAS setup and functioning on 2k8 server to allow access to our Cisco switches and it's working fine. Now I have a user who needs to be allowed to login and manage only certain switches and I'm not sure how to setup this "limit". It appears that IAS goes through it's policies and as long as a policy matches an AD group that the user is in, the user is allowed to login to the switch. I want to be able to somehow say that Person A can login to all the radius clients but Person B (in a different AD group) is only allowed to login to switch 1 but not switch 2.
Thanks in advance.