12-05-2012 06:34 AM - edited 03-10-2019 07:51 PM
Hi team,
We are using ACS 4.2 for the network device authentication.Now we need to create one user who can only able to shut and no shut the router interface.May i know how can i assign only three commands (conf t, Interface ,shut) to one user
Solved! Go to Solution.
12-06-2012 01:08 AM
Hi Jithu,
Please have a look on the link below:
It shows step by step configuration of what you looking for.
Regards,
Gurpreet S Puri
****************************
Keep Smiling, Peace
****************************
(Please Rate Helpful Post)
12-05-2012 07:13 AM
Hi there,
This can be done using the Shell Command Authorization option, then you can apply this Shell into the User configuration, take a look below:
12-05-2012 07:16 AM
I forget to add the screenshots, here they are:
Then you apply this in the User configuration:
12-06-2012 12:43 AM
Hi Mauricio,
Thanks for your answer.Please help me to fill all another informations also while creating the user and the user group.Please share the screen shot for the same.Please help me because i dont have any experience in the ACS.First time i am logging to this...
12-06-2012 01:08 AM
Hi Jithu,
Please have a look on the link below:
It shows step by step configuration of what you looking for.
Regards,
Gurpreet S Puri
****************************
Keep Smiling, Peace
****************************
(Please Rate Helpful Post)
02-05-2013 07:44 AM
Hi,
I would like to add a new user group on ACS 4.2 and allow access to certain devices on the network, not to everything that is being authenticated by the ACS box. Please help me find a way to do such configuration.
My apologies for asking a new question here.
Thanks in Advance
Nivi
02-05-2013 07:45 AM
Hi,
I would like to add a new user group on ACS 4.2 and allow access to certain devices on the network, not to everything that is being authenticated by the ACS box. Please help me find a way to do such configuration.
My apologies for asking a new question here.
Thanks in Advance
Nivi
02-05-2013 10:51 AM
Hi Nivi,
You need to create a network device group (NDG), add the devices you want users to authenticate to and assign user to that group. You can create multiple groups depending on their authentication requirements.
I hope this helps.
02-05-2013 11:01 AM
Hi Eudechime,
That definitely helps! Thank you for your insights. Can you please provide more detail. I need to create user groups, not based on the IP addresses of the machines, they use to access.
Thanks
Nivi
02-05-2013 11:46 AM
you can create up to 500 users..Group 0 - 499.
click
pull down arrow to select the group you want 0 -499 (0 - is the default)
click
Click submit
Click Network Configuration. Click
click the NDG and add devices.
To get this to work, you must assign the user and device you want user to access to this group. Add a user, ensure you selected the group to which user is assigned and click use group settings, etc.
This may not be clear if you are pretty new to ACS, but I'm sure it will help direct you to the right path
02-05-2013 11:50 AM
Thank you a ton!
I will try that out and let you know how it goes.
Discover and save your favorite ideas. Come back to expert answers, step-by-step guides, recent topics, and more.
New here? Get started with these tips. How to use Community New member guide