Buy or Renew
Buy or Renew
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Search instead for 
Did you mean: 
cancel
Start a conversation
807
Views
5
Helpful
1
Replies

Defining services in TACACS Server

Ahmed Shahzad
Level 1
Level 1

‎11-10-2009 05:29 PM - edited ‎03-10-2019 04:47 PM

I have to define the following IPSO-specific service in your TACACS+ server:

service = nokia-ipso {

Nokia-IPSO-User-Role = "role_name_on_IPSO"

Nokia-IPSO-SuperUser-Access = <0|1>

}

How can I do it?

Labels:
0 Helpful
1 Reply 1

darpotter
Level 5
Level 5

‎11-11-2009 03:21 AM

To add a custom service to ACS...

Goto "Interface Configuration" then "TACACS+ (Cisco IOS)" and in the "New Services" section enter your new service "nokia-ipso" plus tick the user & group checkboxes. You might need to add "ip" as the protocol depending on what the actual T+ requests look like.

When you next edit a user or group you'll see a new TACACS+ service into which you can enter your custom attributes:

Nokia-IPSO-User-Role=role_name_on_IPSO

Nokia-IPSO-SuperUser-Access=<0|1>

Note that only very basic syntax checks are applied, basically as long as eahc line has somehing=something ACS will not complain, so its up to you to make sure the values are correct.

Customers Also Viewed These Support Documents