05-11-2011 04:26 AM
I've resently been given the requirements to limit user access to certain functions within ACS so that they are only perform certain configuration tasks. Mainly just the basic port and vlan configuration tasks and not trunk/vrf/vss configuration. The standard user roles dont appear to allow me to do this. Reading through the docs ACS integration allows the creation of custom roles but I havent been able to find out what options are available within these roles.
So I have a few questions. Have a missed anything that would allow the none integrated LMS server perform this task. If not, if I integrate LMS with ACS can it forfill this requirement? I would lab it to see but i believe version 5.0 of acs doesnt support authorisation and would perfer to check this will work before obtaining additional licences for an early verison.
Solved! Go to Solution.
05-21-2011 02:01 PM
You're right in that LMS 3.x does not allow role customization unless you are integrated with ACS. ACS integration would give you the ability to do what you want. However, LMS only integrates with ACS 3.x and 4.x. Integration with ACS (to do role-level authorization) is not possible.
Another option is to upgrade to LMS 4.0. LMS 4.0 provides built-in role customization without the need for ACS.
05-21-2011 02:01 PM
You're right in that LMS 3.x does not allow role customization unless you are integrated with ACS. ACS integration would give you the ability to do what you want. However, LMS only integrates with ACS 3.x and 4.x. Integration with ACS (to do role-level authorization) is not possible.
Another option is to upgrade to LMS 4.0. LMS 4.0 provides built-in role customization without the need for ACS.
05-24-2011 04:14 AM
Thank you for the reply Joseph. There is a trial version of LMS 4.0 on the website and I'll get a test box built and lab it. Upgrading to 4.0 is likely to be perferred than replacing the 5.0 acs appliance.
Discover and save your favorite ideas. Come back to expert answers, step-by-step guides, recent topics, and more.
New here? Get started with these tips. How to use Community New member guide