locked
Per identity attribute configuration RRS feed

  • Question

  • In NPS, I understand that policies apply to group. This means that every member in the same group will receive the same authorization attributes.

    Is there a way to configure per-member attribute in NPS? For example, I want to assign a nickname to a user after granting access. (I am not opt for using one member per group. )

    Thanks in advance.

    Wednesday, October 31, 2012 3:37 PM

All replies

  • Hi,

    Thanks for posting here.

    As far as I know, we cannot simply build rules to match user condition request based on specific AD attributes (such as nickname). Please note that every network policy must have configured condition. Once connection request match the condition, it will go through this policy to determine if it can get access or not. The following are the available conditions which can configure for network policy:

    • Groups
    • HCAP
    • Day and time restrictions
    • Network Access Protection
    • Connection properties
    • RADIUS client properties
    • Gateway

    For domain user, we can use group condition to specify user which belong to one of the specified groups. Your understanding is highly appreciated.

    Detailed information about Network Policy Conditions Properties, please refer to the following Link:

    http://technet.microsoft.com/en-us/library/cc731220(WS.10).aspx


    Best Regards,
    Aiden


    Aiden Cao

    TechNet Community Support

    • Proposed as answer by Aiden_Cao Wednesday, November 7, 2012 12:09 PM
    Friday, November 2, 2012 7:59 AM