01-23-2012 08:45 AM - edited 07-03-2021 09:25 PM
I have a significant amount of Lan Administrators who need access to WCS. I'd like to be able to use ACS for their log in and accounting. However, as simple as it seems on the documenation, I just cannot seem to get it to work.
Steps I have done:
1) configured TACACS server
2) configured in ACS with shared key
3) chose TACACS mode on WCS
Authenication still remains local. does anyone have this working and is there another step?
Solved! Go to Solution.
01-23-2012 10:02 AM
when you want to use TACACS for WCS you need to build the service for it as it is not there by default. Take a look at the WCS config guide in how to create the service in TACACS.
http://www.cisco.com/en/US/docs/wireless/wcs/7.0/configuration/guide/7_0admin.html#wp1059647
Steve
Sent from Cisco Technical Support iPhone App
01-23-2012 08:50 AM
When you set the mode to TACACS what did you set as the failback?
The user you are using to test with is somethign other than root correct?
01-23-2012 09:32 AM
enable fallback to local on auth failure or no server response
01-23-2012 08:50 AM
Under AAA mode did you unselect local and select TACACS ?
See attached
01-23-2012 09:30 AM
Yes I did that step. As well as enable fallback to local on auth failure or no server response
01-23-2012 08:54 AM
when you buIlt the new service did you put in HTTPS? It is case sensitive.
Can you screenshot the new service config as well as the entries under the group or user where you define the role?
Steve
Sent from Cisco Technical Support iPhone App
01-23-2012 09:31 AM
not sure what you mean by HTTPS or new service config.
All the steps that i performed were under Administration>AAA Mode and Administration>TACACS+
01-23-2012 09:34 AM
What version of ACS?
Did you go through in ACS and add all the tasks?
01-23-2012 09:41 AM
Did you set up virtual domains ? Are your admins part of the ADMIN domain ? You will need to make sure they are part of the admin group with the admin attributes.
01-23-2012 10:02 AM
when you want to use TACACS for WCS you need to build the service for it as it is not there by default. Take a look at the WCS config guide in how to create the service in TACACS.
http://www.cisco.com/en/US/docs/wireless/wcs/7.0/configuration/guide/7_0admin.html#wp1059647
Steve
Sent from Cisco Technical Support iPhone App
01-23-2012 12:00 PM
Thanks. I knew it seemed too easy.
Discover and save your favorite ideas. Come back to expert answers, step-by-step guides, recent topics, and more.
New here? Get started with these tips. How to use Community New member guide