Examice

Exam 1Y0-230 All QuestionsBrowse all questions from this exam

Question 37

Scenario: Users belong to three Authentication, Authorization and Auditing (AAA) groups: Corporate, Finance and Software.

Show aaa groups:

>show aaa group

1) GroupName: Corporate

2) GroupName: Finance

3) GroupName: Software

Done -

>show aaa group Corporate

GroupName: Corporate -

Weight: 0 -

Authorization Policy: pol_1, Type: Classic, Priority: 0

> add authorization policy pol_1 ns_true ALLOW

> bind aaa group Corporate policy pol_1

The user is being denied resources while aaad.debug shows:

Group cporporate being extracted for user User1

Why is the user being denied access?

The Authorization policy is NOT configured properly.

The group attribute is NOT configured in the LDAP policy.

AAA group names are NOT the same as those in Active Directory/

LDAP Base DN is incorrect.

Correct Answer: C

The issue lies in the incorrect spelling of the group name 'corporate' in the debug output, which indicates that the AAA group names are not the same as those in Active Directory. This mismatch prevents proper authorization, leading to the user being denied access.

Discussion

tds010101Option: C

Should be C, the corporate is case sensitive