Configure Identity Policy Settings
For identity policies to work, you must configure the sources that provide user identity information. The settings you must configure differ based on the type of rules you configure: passive, active, or both.
Note | At this time, CDO can not configure some of the components needed to implement identity policies such as active directory identity realms, remote access VPN, and Cisco Identity Services Engine. These components must be configured in FDM, which is the local manager of the device. Some of the steps in the procedure below indicate that you must use FDM to configure some identity components to implement identity policies. |