Buy or Renew
Buy or Renew
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Search instead for 
Did you mean: 
cancel
Start a conversation
614
Views
0
Helpful
1
Replies

ACS Group Not Working

dtom
Level 1
Level 1

‎06-28-2011 09:00 AM - edited ‎03-10-2019 06:11 PM

Currently running ACS 4.2.  Trying to assign UCS access using a group.  Did the following:

1) Created a group call Server Admin

2) In the TACACS+ Settings - select Shell (exec)

3) In the TACACS+ Settings - select Custom attributes

4) In the TACACS+ Settings - enter - cisco-av-pair=shell:roles="admin"

5) Assign a user (with default user settings) to Server Admin group

When the user tries to login to UCS they get the following error message:

Login Error: Failed login info: Authentication failed.

If I assign the above settings (from the group information above) to the user, the user (not using a group) can login to UCS.  Isn't the  purpose of the Group is to allow you tooup of  assign security attributes to a group of users instead of assigning these attributes to each user seperatly?

Labels:
0 Helpful
1 Reply 1

Tarik Admani
VIP Alumni
VIP Alumni

‎06-28-2011 09:11 AM

Please change the av-pair format. It looks as if your are using the radius format and not the TACACS try using shell:roles*admin (keep in mind the using = will break tacacs authentications to your IOS devices). * makes this attribute optional.

Give it a try and that should get your rolling.

0 Helpful
Customers Also Viewed These Support Documents