Cisco 3.3 User Manual

Page 273

Advertising
background image

7-27

User Guide for Cisco Secure ACS for Windows Server

78-16592-01

Chapter 7 User Management

Advanced User Authentication Settings

To specify shell command authorization set parameters for a user, follow these
steps:

Step 1

Perform Step 1 through Step 3 of

Adding a Basic User Account, page 7-4

.

The User Setup Edit page opens. The username being added or edited is at the top
of the page.

Step 2

Scroll down to the TACACS+ Settings table and to the Shell Command
Authorization Set feature area within it.

Step 3

To prevent the application of any shell command authorization set, select (or
accept the default of) the None option.

Step 4

To assign the shell command authorization set at the group level, select the As
Group
option.

Step 5

To assign a particular shell command authorization set to be effective on any
configured network device, follow these steps:

a.

Select the Assign a Shell Command Authorization Set for any network
device
option.

b.

Then, from the list directly below that option, select the shell command
authorization set you want applied to this user.

Step 6

To create associations that assign a particular shell command authorization set to
be effective on a particular NDG, for each association, follow these steps:

a.

Select the Assign a Shell Command Authorization Set on a per Network
Device Group Basis
option.

b.

Select a Device Group and an associated Command Set.

c.

Click Add Association.

Tip

You can also select which command set applies to network device groups
that are not listed simply by associating that command set with the NDG
<default> listing.

The NDG or NDGs and associated shell command authorization set or sets
are paired in the table.

Advertising