Setting custom radius attributes for a user – Cisco 3.3 User Manual
Page 299
7-53
User Guide for Cisco Secure ACS for Windows Server
78-16592-01
Chapter 7 User Management
Advanced User Authentication Settings
Step 2
Before configuring BBSM RADIUS attributes, be sure your IETF RADIUS
attributes are configured properly. For more information about setting IETF
RADIUS attributes, see
Setting IETF RADIUS Parameters for a User, page 7-38
.
Step 3
In the BBSM RADIUS Attributes table, to specify the attributes that should be
authorized for the user, follow these steps:
a.
Select the check box next to the particular attribute.
b.
Further define the authorization for that attribute in the box next to it.
c.
Continue to select and define attributes, as applicable.
For more information about attributes, see
, or your AAA client documentation.
Step 4
Do one of the following:
•
If you are finished configuring the user account options, click Submit to
record the options.
•
To continue to specify the user account options, perform other procedures in
this chapter, as applicable.
Setting Custom RADIUS Attributes for a User
Custom RADIUS parameters appear only if all the following are true:
•
You have defined and configured the custom RADIUS VSAs. (For
information about creating user-defined RADIUS VSAs, see
RADIUS Vendors and VSAs, page 9-28
.)
•
A AAA client is configured in Network Configuration that uses a RADIUS
protocol that supports the custom VSA.
•
The Per-user TACACS+/RADIUS Attributes check box is selected under
Advanced Options in the Interface Configuration section.
•
User-level RADIUS (custom name) attributes you want to apply are enabled
under RADIUS (custom name) in the Interface Configuration section.
You must configure both the IETF RADIUS and the custom RADIUS attributes.
Proprietary attributes override IETF attributes.