Configuring ietf radius settings for a user group – Cisco 3.3 User Manual
Page 228
Chapter 6 User Group Management
Configuration-specific User Group Settings
6-38
User Guide for Cisco Secure ACS for Windows Server
78-16592-01
Step 5
To prevent the application of any command authorization set for the applicable
device-management application, select the None option.
Step 6
To assign a particular command authorization set that affects device-management
application actions on any network device, follow these steps:
a.
Select the Assign a device-management application for any network device
option.
b.
Then, from the list directly below that option, select the command
authorization set you want applied to this group.
Step 7
To create associations that assign a particular command authorization set that
affects device-management application actions on a particular NDG, for each
association, follow these steps:
a.
Select the Assign a device-management application on a per Network Device
Group Basis option.
b.
Select a Device Group and a corresponding device-management
application.
c.
Click Add Association.
The associated NDG and command authorization set appear in the table.
Configuring IETF RADIUS Settings for a User Group
These parameters appear only when both the following are true:
•
A AAA client has been configured to use one of the RADIUS protocols in
Network Configuration.
•
Group-level RADIUS attributes have been enabled on the RADIUS (IETF)
page in the Interface Configuration section of the HTML interface.
RADIUS attributes are sent as a profile for each user from Cisco Secure ACS to
the requesting AAA client. To display or hide any of these attributes, see
Configuration Options for RADIUS, page 3-11
. For a list and explanation of
RADIUS attributes, see
Appendix C, “RADIUS Attributes”
. For more
information about how your AAA client uses RADIUS, refer to your AAA client
vendor documentation.