Case Sensitivity And Command Authorization; Arguments And Command Authorization - Cisco 3.3 User Manual

For windows server version 3.3
Table of Contents

Advertisement

Chapter 5
Shared Profile Components

Case Sensitivity and Command Authorization

Arguments and Command Authorization

78-16592-01
Device Management Command Authorization Sets—See either of the
following:
Configuring Device-Management Command Authorization for a User
Group, page 6-37
Configuring Device-Management Command Authorization for a User,
page 7-30
When performing command authorization, Cisco Secure ACS evaluates
commands and arguments in a case-sensitive manner. For successful command
authorization, you must configure command authorization sets with case-sensitive
commands and arguments.
As an additional complication, a device requesting command authorization may
send commands and arguments using a case different from the one you typed to
issue the command.
For example, if you type the following command during a router-hosted session:
interface FASTETHERNET 0/1
the router may submit the command and arguments to Cisco Secure ACS as:
interface FastEthernet 0 1
If, for the interface command, the command authorization set explicitly permits
the FastEthernet argument using the spelling "fastethernet", Cisco Secure ACS
fails the command authorization request. If the command authorization rule
instead permits the argument "FastEthernet", Cisco Secure ACS grants the
command authorization request. The case used in command authorization sets
must match what the device sends, which may or may not match the case you use
when you type the command.
When you explicitly permit or deny arguments rather than rely on Cisco Secure
ACS to permit unmatched arguments, you must make certain that you know how
devices send arguments to Cisco Secure ACS. A device requesting command
authorization may send different arguments than the user typed to issue the
command.
User Guide for Cisco Secure ACS for Windows Server
Command Authorization Sets
5-29

Advertisement

Table of Contents
loading

This manual is also suitable for:

Secure access control serverSecure acs

Table of Contents