topic Re: Defining services in TACACS Server in Network Access Control https://community.cisco.com/t5/network-access-control/defining-services-in-tacacs-server/m-p/1292089#M318224 <HTML><HEAD></HEAD><BODY><P>To add a custom service to ACS...</P><P></P><P>Goto "Interface Configuration" then "TACACS+ (Cisco IOS)" and in the "New Services" section enter your new service "nokia-ipso" plus tick the user &amp; group checkboxes. You might need to add "ip" as the protocol depending on what the actual T+ requests look like.</P><P></P><P>When you next edit a user or group you'll see a new TACACS+ service into which you can enter your custom attributes:</P><P></P><P>Nokia-IPSO-User-Role=role_name_on_IPSO</P><P>Nokia-IPSO-SuperUser-Access=&lt;0|1&gt;</P><P></P><P>Note that only very basic syntax checks are applied, basically as long as eahc line has somehing=something ACS will not complain, so its up to you to make sure the values are correct.</P></BODY></HTML> Wed, 11 Nov 2009 11:21:29 GMT darpotter 2009-11-11T11:21:29Z Defining services in TACACS Server https://community.cisco.com/t5/network-access-control/defining-services-in-tacacs-server/m-p/1292088#M318223 <P>I have to define the following IPSO-specific service in your TACACS+ server:</P><P>service = nokia-ipso {</P><P>Nokia-IPSO-User-Role = "role_name_on_IPSO"</P><P>Nokia-IPSO-SuperUser-Access = &lt;0|1&gt;</P><P>}</P><P></P><P>How can I do it?</P> Sun, 10 Mar 2019 23:47:29 GMT https://community.cisco.com/t5/network-access-control/defining-services-in-tacacs-server/m-p/1292088#M318223 Ahmed Shahzad 2019-03-10T23:47:29Z Re: Defining services in TACACS Server https://community.cisco.com/t5/network-access-control/defining-services-in-tacacs-server/m-p/1292089#M318224 <HTML><HEAD></HEAD><BODY><P>To add a custom service to ACS...</P><P></P><P>Goto "Interface Configuration" then "TACACS+ (Cisco IOS)" and in the "New Services" section enter your new service "nokia-ipso" plus tick the user &amp; group checkboxes. You might need to add "ip" as the protocol depending on what the actual T+ requests look like.</P><P></P><P>When you next edit a user or group you'll see a new TACACS+ service into which you can enter your custom attributes:</P><P></P><P>Nokia-IPSO-User-Role=role_name_on_IPSO</P><P>Nokia-IPSO-SuperUser-Access=&lt;0|1&gt;</P><P></P><P>Note that only very basic syntax checks are applied, basically as long as eahc line has somehing=something ACS will not complain, so its up to you to make sure the values are correct.</P></BODY></HTML> Wed, 11 Nov 2009 11:21:29 GMT https://community.cisco.com/t5/network-access-control/defining-services-in-tacacs-server/m-p/1292089#M318224 darpotter 2009-11-11T11:21:29Z