Buy or Renew
Buy or Renew
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Search instead for 
Did you mean: 
cancel
Start a conversation
377
Views
5
Helpful
1
Replies

Privilege access through ACS AD accounts

jhager001
Level 1
Level 1

‎08-26-2015 04:20 PM - edited ‎03-08-2019 01:32 AM

I know how to put limitations on privilege levels on the network devices themselves. But we have a Cisco ACS that is integrated with AD for access. I haven't ventured too deep into AD yet, but i'm wondering if there is a simple way I can give my helpdesk access to run base level commands for example, show commands, and shut/no shut ports to recover from err-disable state. 

 

 

Labels:
0 Helpful
1 Reply 1

Andre Neethling
Level 4
Level 4

‎08-27-2015 10:54 PM

You can try the following:

Assign the show commands and Config commands to a privilege level.

Create an AD group for your Helpdesk staff

Assign the configured privilege level (eg Privilege 5) to the AD group with your TACACS

They should then only have access via TACACS to those commands specified.

HTH

Customers Also Viewed These Support Documents