04-22-2009 10:13 AM
LMS 3.1 with Ciscoworks common services 3.2.0
A network analyst from another group would like to use our ciscoworks application to perform configuration tasks on his switches. Is there any way to give an ID full administration access to the application, but only for a determined set of devices??? For obvious reasons, we don't want to give this ID the ability to have control over our devices. For what I can see, the roles are predefined and cannot be modified in any way and new roles cannot be added. Has anyone done something like this???
Thanks for any suggestions.
04-22-2009 10:41 AM
This is possible, but you must have LMS integrated with CiscoSecure ACS to do it. With ACS integration, you can create a Network Device Group which only contains the devices this user can manage. Then, you can give that user full admin access to devices in that group.
04-22-2009 02:48 PM
Thanks for the reply.
Is it possible to accomplish something similar for non ACS authentication systems? We use Radius. Is it possible to pass attributes from the Radius server to ciscoworks?
Thanks.
04-22-2009 03:45 PM
No, this is not possible unless you are integrated with an ACS server.
Discover and save your favorite ideas. Come back to expert answers, step-by-step guides, recent topics, and more.
New here? Get started with these tips. How to use Community New member guide