Cisco 3.3 User Manual
Page 238
Chapter 6 User Group Management
Configuration-specific User Group Settings
6-48
User Guide for Cisco Secure ACS for Windows Server
78-16592-01
The following Cisco Secure ACS RADIUS protocols support the Microsoft
RADIUS VSA:
•
Cisco IOS/PIX
•
Cisco VPN 3000
•
Ascend
Microsoft RADIUS represents only the Microsoft VSA. You must configure both
the IETF RADIUS and Microsoft RADIUS attributes.
Note
To hide or display Microsoft RADIUS attributes, see
Configuration Options for Non-IETF RADIUS Attributes, page 3-17
. A VSA
applied as an authorization to a particular group persists, even when you remove
or replace the associated AAA client; however, if you have no AAA clients of this
(vendor) type configured, the VSA settings do not appear in the group
configuration interface.
To configure and enable Microsoft RADIUS attributes to be applied as an
authorization for each user in the current group, follow these steps:
Step 1
Confirm that your IETF RADIUS attributes are configured properly.
For more information about setting IETF RADIUS attributes, see
IETF RADIUS Settings for a User Group, page 6-38
Step 2
In the navigation bar, click Group Setup.
The Group Setup Select page opens.
Step 3
From the Group list, select a group, and then click Edit Settings.
The Group Settings page displays the name of the group at its top.
Step 4
From the Jump To list at the top of the page, choose RADIUS (Microsoft).
Step 5
In the Microsoft RADIUS Attributes table, specify the attributes to be authorized
for the group by selecting the check box next to the attribute. Where applicable,
further define the authorization for that attribute in the field next to it. For more
information about attributes, see
Appendix C, “RADIUS Attributes”
, or the
documentation for network devices using RADIUS.