Buy or Renew
Buy or Renew
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Search instead for 
Did you mean: 
cancel
Start a conversation
1058
Views
5
Helpful
5
Replies

LMS Authentication with ACS 5.1

Go to solution
jain.nitin
Level 3
Level 3

‎04-19-2010 12:26 AM

Hi, I am using LMS authentication via ACS. I am able to login to LMS successfully with ACS user name and password but I can not execute most of the task it says you are not authorised. do i need to anything in LMS except enabling login module to tacacs...

Let me know if I missed something.

Thanks

Ninja

Labels:
0 Helpful
1 Accepted Solution

Accepted Solutions

Go to solution
Joe Clarke
Cisco Employee
Cisco Employee

‎04-19-2010 12:35 AM

Integration with ACS 5.1 is not yet supported.  You can do authentication only with ACS 5.0, and 5.1 should work, but you will not be able to use full AAA integration.  Disable AAA mode, and set the login module to be TACACS+.  Point that to your 5.1 server, and you should be able to login, and run tasks in LMS.  However, you will still need to create local accounts in LMS for all of your users to do the authorization piece.

View solution in original post

0 Helpful
5 Replies 5

Go to solution
Joe Clarke
Cisco Employee
Cisco Employee

‎04-19-2010 12:35 AM

Integration with ACS 5.1 is not yet supported.  You can do authentication only with ACS 5.0, and 5.1 should work, but you will not be able to use full AAA integration.  Disable AAA mode, and set the login module to be TACACS+.  Point that to your 5.1 server, and you should be able to login, and run tasks in LMS.  However, you will still need to create local accounts in LMS for all of your users to do the authorization piece.

0 Helpful

Go to solution
jain.nitin
Level 3
Level 3

‎04-19-2010 02:43 AM

thanks it worked. but need to ask one thing password should match with acs password for an user ?? caz i know mine password but dont know other users passwords which are on ACS so just wanted to check..LMS will check only username or password as well before giving authorization to a user.

0 Helpful

Go to solution
Joe Clarke
Cisco Employee
Cisco Employee
In response to jain.nitin

‎04-19-2010 08:24 AM

If you are using an external authentication module, you do not need to specify a password for your users in LMS.  LMS will use the external login module for authentication.  All you need to specify in LMS are the roles the user will require.

0 Helpful

Go to solution
ROMAN TOMASEK
Level 1
Level 1
In response to Joe Clarke

‎04-08-2011 05:07 AM

Hello Joe,

I have one question about authorization. Is possible to use an AV pair or shell in ACS 5 (Radius or Tacacs) for assigning role (defined in LMS4.0) to the users? Like following: shell:admin=SuperAdmin default-domain. I think that the creation a lot of same users in LMS like in ACS when different roles are assigned to these users. is horrible for my customers. Thank you.

Roman

0 Helpful

Go to solution
Joe Clarke
Cisco Employee
Cisco Employee
In response to ROMAN TOMASEK

‎04-08-2011 09:05 AM

Unfortunately, this is not possible.  All authroization in LMS 4.0 must be done locally.  There is no way to inject authorization data from an AAA server into LMS 4.0.

Customers Also Viewed These Support Documents

Review Cisco Networking for a $25 gift card