01-25-2002 06:41 PM - edited 02-21-2020 09:58 AM
Anyone can help for the following question ?
How many NAS priviledge password or users can be created via the Cisco ACS?
Can the users can their password for next login. Will it must did it on ACS server or? This provides sense to memorize the password. Please advise. Thanks.
02-21-2002 04:49 PM
The number of users and corresponding password on created on the internal Cisco ACS db, is limited by the hard disk space of the server itself. It could easily handle 100,000 users as per:
For your second question, could you pls clarify? If you are after the users being able to change their passwords themselves, you could do this with the UCP as in:
http://www.cisco.com/univercd/cc/td/doc/product/access/acs_soft/csacs4nt/csnt30/ucp30.htm
03-13-2018 12:39 PM
Assign ACS ver 4.2 and to setup users with limited access to our switchs and routers. Here is what to do?
1) Created a user in ACS
2) Create Shell command Autorization Set - ReadOnly
Unmatched Commands - Deny
Commands Added
show
exit
* this should limit the user to the show and exit command only (correct)?
3) Created a group - HelpDesk with the following TACACS+ Settings
Shell (exec) is checked
Priviledge level is check with 15 as the assigned level
Assign a Shell Command Authorization Set for any network device - selected
ReadOnly - shell command autorization set seleted
When the user logs on to the router/switch it appears that he has full access. He can enter the enable command, config terminal command, etc. All we want him to be able to do is to issue the show command.
Discover and save your favorite ideas. Come back to expert answers, step-by-step guides, recent topics, and more.
New here? Get started with these tips. How to use Community New member guide