Buy or Renew
Buy or Renew
Cisco Virtual Engineer generative AI bot now active in Wireless Discussion Forum. Learn more.
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Search instead for 
Did you mean: 
cancel
Start a conversation
385
Views
10
Helpful
3
Replies

WLC 3504 Mgmt Configuration Question

jstrauch-0231
Level 1
Level 1

‎03-18-2022 11:32 AM

Hello, I'm wondering if there is a way to configure a specific SSID to be managed by a non admin user group without providing admin access to the entire WLC.  I didn't see anything specific in the WLC GUI that would allow this and have tried to see if it's possible thru the CLI but no luck yet.

 

Also curious if it would be possible using something like ISE to provide the admin access to a specific SSID.

 

 

Thanks,

Labels:
0 Helpful
3 Replies 3

Flavio Miranda
VIP
VIP

‎03-18-2022 12:13 PM

Not sure what you are asking. You want a user to access the wlc web interface and be able to change the configuration in one SSID only?  I dont see how.  For example, you can determine which command an user can run based on the TACACS privileges on the device but the SSID is a parameter on the command, not a command. 

 

Arshad Safrulla
VIP Alumni
VIP Alumni

‎03-18-2022 12:47 PM

In AireOS you can give 3 level of access.

1. Read only

2. Read and write

3 lobby admin

So what you are requesting is not possible, you will not be able to limit a certain user group from configuration and management of one single SSID. Closest you can have is lobby admin account, where you can give certain group of users access to approve and add users to a certain SSID. If you are using ISE with CWA the same lobby admin scenario can be replicated with much granular level of access.

___________________________________________
TAC recommended codes for AireOS WLC's
Best Practices for AireOS WLC's
TAC recommended codes for 9800 WLC's
Best Practices for 9800 WLC's
Cisco Wireless compatibility matrix
___________________________________________
Arshad Safrulla

jstrauch-0231
Level 1
Level 1
In response to Arshad Safrulla

‎03-18-2022 01:00 PM

Thank you I saw that in the config guide as well.  I do need to look into ISE more but it does seem that though they can add users this request was to allow them to change the PSK if required for the SSID and other potential parameters.  I've never seen this done before either but it was a request we received so had to see if it was possible. 

0 Helpful
Customers Also Viewed These Support Documents
Review Cisco Networking for a $25 gift card