Configuring A Pix Command Authorization Set For A User Group - Cisco 3.3 User Manual

Chapter 6 User Group Management

Configuring a PIX Command Authorization Set for a User Group

Step 1
Step 2
78-16592-01
To enter several commands, you must click Submit after specifying a
Tip
command. A new command entry box appears below the box you just
completed.
Use this procedure to specify the PIX command authorization set parameters for
a user group. There are three options:
• None—No authorization for PIX commands.
Assign a PIX Command Authorization Set for any network device—One
•
PIX command authorization set is assigned, and it applies all network
devices.
• Assign a PIX Command Authorization Set on a per Network Device
Group Basis—Particular PIX command authorization sets are to be effective
on particular NDGs.
Before You Begin
Ensure that a AAA client has been configured to use TACACS+ as the
•
security control protocol.
On the TACACS+ (Cisco) page of Interface Configuration section, ensure
•
that the PIX Shell (pixShell) option is selected in the Group column.
Make sure that you have already configured one or more PIX command
•
authorization sets. For detailed steps, see
Set, page 5-31.
To specify PIX command authorization set parameters for a user group, follow
these steps:
In the navigation bar, click Group Setup.
The Group Setup Select page opens.
From the Group list, select a group, and then click Edit Settings.
The Group Settings page displays the name of the group at its top.
Configuration-specific User Group Settings
Adding a Command Authorization
User Guide for Cisco Secure ACS for Windows Server
6-35