LMS 2.5 and TACACS user authentication

rodom · ‎05-16-2005

I just switched from local to ACS for my CiscoWorks user authentication. It seems to work, but I can't seem to limit beyond what I could do with a local user.

I wanted to limit what machines a user could access via CiscoView, but I can't, even though the configuration options imply you could limit the access by TACACS network groups.

I tried stopping all CiscoView using None and that didn't stop access either.

Anyone else attempting to use TACACS for user authentication into CW? Any luck limiting a user's view (not change authority - just which machines they can access).

smahbub · ‎05-20-2005

ACS can be used to authenticate users but not assign roles. User must have an account in Ciscoworks assigned with the proper roles. This account must be identical to the Ciscoworks account or the authenticated user will get guest access.

rodom · ‎05-24-2005

LMS 2.5 does have permission roles within ACS exceeding the granularity of local user. However, you have to restart LMS when switching between local and TACACS.

It is now working correctly and I can use ACS network groups to separate who can access which devices in CiscoWorks.

bstair · ‎06-08-2005

Can you provide some more details on how you got that working. I am able to setup the ACS integration but I can't limit or allow who sees wat

nhabib · ‎06-08-2005

Chapter 5 of the Common Services 3.0 White Paper might be of help:

http://www.cisco.com/en/US/products/sw/cscowork/ps2425/prod_white_papers_list.html