Table of Contents
Advertisement
Configuration-specific User Group Settings
Step 5
Step 6
Step 7
Configuring IETF RADIUS Settings for a User Group
User Guide for Cisco Secure ACS for Windows Server
6-38
To prevent the application of any command authorization set for the applicable
device-management application, select the None option.
To assign a particular command authorization set that affects device-management
application actions on any network device, follow these steps:
Select the Assign a device-management application for any network device
a.
option.
Then, from the list directly below that option, select the command
b.
authorization set you want applied to this group.
To create associations that assign a particular command authorization set that
affects device-management application actions on a particular NDG, for each
association, follow these steps:
a.
Select the Assign a device-management application on a per Network Device
Group Basis option.
Select a Device Group and a corresponding device-management
b.
application.
Click Add Association.
c.
The associated NDG and command authorization set appear in the table.
These parameters appear only when both the following are true:
A AAA client has been configured to use one of the RADIUS protocols in
•
Network Configuration.
Group-level RADIUS attributes have been enabled on the RADIUS (IETF)
•
page in the Interface Configuration section of the HTML interface.
RADIUS attributes are sent as a profile for each user from Cisco Secure ACS to
the requesting AAA client. To display or hide any of these attributes, see
Configuration Options for RADIUS, page
RADIUS attributes, see
information about how your AAA client uses RADIUS, refer to your AAA client
vendor documentation.
3-11. For a list and explanation of
Appendix C, "RADIUS
Chapter 6
User Group Management
Attributes". For more
78-16592-01
Protocol
Advertisement
Table of Contents
Troubleshooting
