cancel
Showing results for 
Search instead for 
Did you mean: 
cancel
Announcements
Announcements
Choose one of the topics below to view our ISE Resources to help you on your journey with ISE

This community is for technical, feature, configuration and deployment questions.
For production deployment issues, please contact the TAC! We will not comment or assist with your TAC case in these forums.
Please see How to Ask the Community for Help for other best practices.

411
Views
0
Helpful
2
Replies
Highlighted
Beginner

ACS 5.1 Evaluation Limitations

I've setup a Cisco Secure ACS server 5.1 in VMware ESXi everything seems to be working fine, however under the options for Policy Elements > Authorization and Permissions > Device Administration > Command Sets there is a command called "DenyAllCommands" that was there when i first installed the ACS.  Is there any way to remove this?  When I try to remove it i get an error that thats it can't be removed or modified.  I'm writing a report on the Cisco ACS for university, if this is a limitation of the evaluation licence I will need to reference it.  Can anyone confirm if this is a limitation and provide a link to a cisco page that confirms this. 

Everyone's tags (6)
2 REPLIES 2
Highlighted

ACS 5.1 Evaluation Limitations

Douglas,

That is a built-in command set. DenyAllCommands is the default value. It is -almost- the same as the implicit deny all setence when you configure control access list (ACL) on a a router.

So, that is OK.

In "Shell Profiles" and Authorization Profiles" also there is a "Permit Access" profile that is built-in and can not be removed or modified.

HTH

Amjad

Rating useful replies is more useful than saying "Thank you"

Rating useful replies is more useful than saying "Thank you"
Highlighted
Beginner

Re: ACS 5.1 Evaluation Limitations

Hi Amjad

Thanks for your reply.  Is there any reference on Cisco.com that confirms what you said? Because I'm writing a report on the Cisco ACS and need to

reference this. 

Thanks

Douglas