Buy or Renew
Buy or Renew
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Search instead for 
Did you mean: 
cancel
Start a conversation
563
Views
0
Helpful
1
Replies

Privileges for Cisco Devices

oneirishpollack
Level 1
Level 1

‎03-12-2014 07:56 AM

I have ACS 3.2 and a bunch of TACACS configured Cisco devices.

 

I want to give a limited set of access to techs the environment to modify VLAN assignments of ports.

So they would need to be able to access privileged mode, but only execute things like:

 

sh run

config t

config int y

switchport access vlan x

wr

 

 

 

Will be sure to rate. Thanks!!!!

 

 

Can someone help me understand how.

Labels:
0 Helpful
1 Reply 1

Vinod Arya
Cisco Employee
Cisco Employee

‎03-12-2014 11:26 AM

This is more of ACS side question, and hence you should try to post it to CSC's AAA community here:

https://supportforums.cisco.com/community/5936/aaa-identity-and-nac

ACS does has this feature to provide restricted access to users by creating such a restricted profile.

You can create Command Authorization Sets to perform this. Command authorization sets provide a central mechanism to control the authorization of each command issued on any given network device. This greatly enhances the scalability and manageability of setting authorization restrictions.

You can check Command Authorization Set here for ACS 3.2:

http://www.cisco.com/en/US/products/sw/secursw/ps2086/products_user_guide_chapter09186a0080205a4a.html#wp737563

-Thanks

Vinod

**Encourage Contributors for free. Rate them :) **

-Thanks Vinod **Rating Encourages contributors, and its really free. **
0 Helpful
Customers Also Viewed These Support Documents

Review Cisco Networking for a $25 gift card