cancel
Showing results for 
Search instead for 
Did you mean: 
cancel
Announcements

This community is for technical, feature, configuration and deployment questions.
For production deployment issues, please contact the TAC! We will not comment or assist with your TAC case in these forums.
Please see How to Ask the Community for Help for other best practices.

452
Views
0
Helpful
0
Replies
deepakramanath
Beginner

Creating TACACS+ Profiles using ERS APIs in Cisco ISE 2.3

I'm trying to define a simple "TACACS Profiles" and/or "TACACS Command Sets" using the ERS API (not via the GUI) in a Cisco ISE deployment. Although the API posts the required information, I do not see any profiles being defined in the ISE GUI. Steps that I have taken are as follows:

 

1. Enabled the ERS Read/Write from Administration -> Settings -> ERS Settings

2. Created ERS Admin user from Administration -> Admin Access  -> Administrators -> Admin Users (click add and then created the ersadmin user with Admin Groups being ERS Admin)

3. Login to https://cisco-ise-host-IP:9060/ers/sdk#_ using the ersadmin credentials

4. Following the API documentation to create a authorisation profile, in particular, the TACACS profile as stated before.

5. From a Linux terminal, I am using curl to POST the TACACS Profile/Command Set configuration (saved in as JSON format)

 

Although, I have worked out various intermediate steps to do the above step 5 successfully, the added profile is not reflected in the GUI. The API documentation doesn't not specifically mention about TACACS authorisation profiles and hence I'm not sure if this is actually possible, that is, to add a TACACS profile via the API.

 

Any help would be highly appreciated

0 REPLIES 0
Create
Recognize Your Peers
Content for Community-Ad

ISE Webinars


Miss a previous ISE webinar?
Never miss one again!

CiscoISE on YouTube