09-14-2011 12:44 AM - edited 03-10-2019 06:24 PM
Hi Experts,
I have task of configuring TACAC with different user level for all routers and switches,
To elaborate more, I have engineer , analyst and site engineers so I want to configure centralized tacac authentication with different privilage levels for different categories of network engg. , analyst, site engineer,
can anybody explain about this how to proceed with ACS 5.2 and what configuration is required in device level.
I am perticularly looking for acs 5.2 configuration steps.
Looking forward to get reply.
Solved! Go to Solution.
09-15-2011 01:59 AM
In "default device admin" simply create authorization rules.
They should look like "if user type/group = site engineer then assign shell profile X"
You then have to define the shell profile in policy elements and put in there all the privileges of your site engineer.
And so on for the other roles
09-14-2011 11:07 AM
Assigning different privileges level to different user types is easy.
Do these privileges also vary depending on the type of device accessed ? Can you be more specific ?
What you ask seem to be just indicated in the acs 5.2 user guide, so I'm not sure if there is anything tricky in your question that I missed.
09-14-2011 11:46 PM
Hi Nicolas,
Thanks for your reply.
We have all distribution swithces ( L3 switch ) and later all routers ( CE routers ) to configured with tacac.
I just need steps to be followed in ACS configuration for this task .
09-15-2011 01:59 AM
In "default device admin" simply create authorization rules.
They should look like "if user type/group = site engineer then assign shell profile X"
You then have to define the shell profile in policy elements and put in there all the privileges of your site engineer.
And so on for the other roles
09-19-2011 11:03 PM
Hi Nicolas,
Sorry for late reply.
I just read your reply and you made quite easier for me to go further and understand this.
Discover and save your favorite ideas. Come back to expert answers, step-by-step guides, recent topics, and more.
New here? Get started with these tips. How to use Community New member guide