Buy or Renew
Buy or Renew
Cisco + Splunk: It’s a new day for your data. Learn more.
 
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Search instead for 
Did you mean: 
cancel
Start a conversation
712
Views
0
Helpful
2
Replies

Cisco LMS Common Service 3.3 ACS integration

Go to solution
ihatelogin
Level 1
Level 1

‎05-11-2011 04:26 AM

I've resently been given the requirements to limit user access to certain functions within ACS so that they are only perform certain configuration tasks.  Mainly just the basic port and vlan configuration tasks and not trunk/vrf/vss configuration.  The standard user roles dont appear to allow me to do this.  Reading through the docs ACS integration allows the creation of custom roles but I havent been able to find out what options are available within these roles.

So I have a few questions.  Have a missed anything that would allow the none integrated LMS server perform this task.  If not, if I integrate LMS with ACS can it forfill this requirement?  I would lab it to see but i believe version 5.0 of acs doesnt support authorisation and would perfer to check this will work before obtaining additional licences for an early verison.

Labels:
0 Helpful
1 Accepted Solution

Accepted Solutions

Go to solution
Joe Clarke
Cisco Employee
Cisco Employee

‎05-21-2011 02:01 PM

You're right in that LMS 3.x does not allow role customization unless you are integrated with ACS.  ACS integration would give you the ability to do what you want.  However, LMS only integrates with ACS 3.x and 4.x.  Integration with ACS (to do role-level authorization) is not possible.

Another option is to upgrade to LMS 4.0.  LMS 4.0 provides built-in role customization without the need for ACS.

View solution in original post

0 Helpful
2 Replies 2

Go to solution
Joe Clarke
Cisco Employee
Cisco Employee

‎05-21-2011 02:01 PM

You're right in that LMS 3.x does not allow role customization unless you are integrated with ACS.  ACS integration would give you the ability to do what you want.  However, LMS only integrates with ACS 3.x and 4.x.  Integration with ACS (to do role-level authorization) is not possible.

Another option is to upgrade to LMS 4.0.  LMS 4.0 provides built-in role customization without the need for ACS.

0 Helpful

Go to solution
ihatelogin
Level 1
Level 1
In response to Joe Clarke

‎05-24-2011 04:14 AM

Thank you for the reply Joseph.  There is a trial version of LMS 4.0 on the website and I'll get a test box built and lab it.  Upgrading to 4.0 is likely to be perferred than replacing the 5.0 acs appliance.

0 Helpful
Customers Also Viewed These Support Documents