Buy or Renew
Buy or Renew
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Search instead for 
Did you mean: 
cancel
Start a conversation
474
Views
0
Helpful
1
Replies

CSM per admin group using per device group

mallenson
Level 4
Level 4

‎05-26-2011 06:03 AM - edited ‎02-21-2020 04:21 AM

I am looking to see if multiple admin and device groups can be created to limit certain administrators to administrate only certain devices but not others.

For example:

admin group "ag_na" (including user admin1 & admin2)  can make changes to device group "dg_na" containing (device 1, device 2) only

admin group "ag_ca" (including user admin3 & admin4) can make changes to device group "dg_ca" containing (device30 & device31) only

Any tips on if / how to do this?

Thanks

0 Helpful
1 Reply 1

ROBERTO GIANA
Level 4
Level 4

‎05-26-2011 07:52 AM

You can do it by integrating the CSM into an ACS v4.2 and doing RBAC. There you can define for which NDGs a user has which access policy.

http://www.cisco.com/en/US/docs/security/security_management/cisco_security_manager/security_manager/4.1/installation/guide/aduser.html#wp1063220

Unfortunately this is a short-therm solution as ACS v4.2 has been put to EoS and no real alternative methods are available today. Hopefully Cisco will come up with a new solution on the long-therm.

0 Helpful
Customers Also Viewed These Support Documents
Review Cisco Networking for a $25 gift card