In the following example, a user with the admin role inherits all privileges associated with the Active Directory (AD) Administrator group.
-
In privileged EXEC mode, use
the configure
terminal command to enter global configuration mode.
device# configure terminal
Entering configuration mode terminal
-
Use the ldap-server maprole
command to set the group information.
A maximum of 16 AD groups can
be mapped to the device roles.
device(config)# ldap-server maprole group Administrator role admin
