cancel
Showing results for 
Search instead for 
Did you mean: 
cancel
167
Views
5
Helpful
1
Replies

Privilege access through ACS AD accounts

jhager001
Beginner
Beginner

I know how to put limitations on privilege levels on the network devices themselves. But we have a Cisco ACS that is integrated with AD for access. I haven't ventured too deep into AD yet, but i'm wondering if there is a simple way I can give my helpdesk access to run base level commands for example, show commands, and shut/no shut ports to recover from err-disable state. 

 

 

1 Reply 1

Andre Neethling
Enthusiast
Enthusiast

You can try the following:

Assign the show commands and Config commands to a privilege level.

Create an AD group for your Helpdesk staff

Assign the configured privilege level (eg Privilege 5) to the AD group with your TACACS

They should then only have access via TACACS to those commands specified.

HTH

Getting Started

Find answers to your questions by entering keywords or phrases in the Search bar above. New here? Use these resources to familiarize yourself with the community: