Buy or Renew
Buy or Renew
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Search instead for 
Did you mean: 
cancel
Start a conversation
1198
Views
0
Helpful
1
Replies

Read Only access, for a single user, to ALL route/switch devices on large network

Steve Coady
Level 1
Level 1

‎09-16-2015 08:03 AM - edited ‎03-10-2019 11:03 PM

Hello

 

I have been tasked with creating a RO access for a single user on ALL my network devices.

 

I have Cisco Secure ACS 5.3

I use TACACS. 

 

Where/how would I create the user RO account that would push this out to all network devices?

sMc
Labels:
0 Helpful
1 Reply 1

Ivan Gonzalez
Cisco Employee
Cisco Employee

‎09-16-2015 10:09 AM

Hi Steve,

 

Since this task needs to be accomplished for a specific user. You can do the following:

 

1-Create a command set for this specific user to allow/deny the required commands on the following section "Policy Elements Authorization and Permissions Device Administration > Command Sets."

2-Create a rule using username as condition as you can see on the bellow example to assign Read only command set as you can see on the example attached ( please make sure to move this rules at the very top of from the other rules you might have configured, as this is very specific).

 

Note: Please marked as answered if applicable

 

 

Preview file
28 KB
0 Helpful
Customers Also Viewed These Support Documents