cancel
Showing results for 
Search instead for 
Did you mean: 
cancel
872
Views
0
Helpful
2
Replies

CSM and LMS Integration with ACS

Luis Perez
Level 1
Level 1

I have configured CSM 4.1 and LMS 4.1 for authentication whit TACACS+ the server is my ACS 5.3. The integration was ok but when i use my ACS internal user whit a policy for shell profile (privilege 15) and command set (permit any command) they log in the systems but some functions are not available with a warning saying you dont have role permissions.

There is any way to assign a SuperAdmin role for a user authenticated with ACS???

2 Replies 2

ben.posner
Level 1
Level 1

Luis (or anyone)

did you get this resolved? I'm having the same issue. I have NCS and LMS and have gotten NCS and ACS to play nicely using these guides (https://supportforums.cisco.com/docs/DOC-17909 & https://supportforums.cisco.com/message/3743434#3743434) but am in the same boat as you with regard to LMS.

with just the ACS account, a user can log into LMS but cannot do any tasks or even access certain menus, but if I add a local user using the same ACS username with the permissions i want them to have they can do what they need. seems kinda silly to have to make the user twice. there MUST be a way to have ACS tell LMS that the user logging in is in this Role group and has X,Y,Z permissions but i cannot find out how. In NCS it was a shell profile as detailed in the links above but can't find anything like that for LMS.

Anyone have any help or ideas or a guide?!?

found this doc (https://supportforums.cisco.com/thread/2163369) basically saying that Authorization is LOCAL only and users will default to the Helpdesk group. is this still True? is this going to be added at any time in the future? this kinda sucks.

Getting Started

Find answers to your questions by entering keywords or phrases in the Search bar above. New here? Use these resources to familiarize yourself with the community:

Review Cisco Networking products for a $25 gift card