Filter
Top Products
C-2
Installation Guide for Cisco Unified Service Monitor
OL-25111-01
Appendix C Security Configuration with Cisco Secure ACS
Common Services Local Login Module Authentication Roles
Note The Service Monitor integration with Cisco Secure ACS does not enable you to selectively filter out
specific devices. For example, a user in a role that includes the task:
• Data Source Credentials: add, edit and verify—Can add, edit, or verify credentials in
Service Monitor for any NAM or any Unified Communications Manager.
• Cisco 1040: view details—Can view details from Service Monitor for any Cisco 1040.
Common Services Local Login Module Authentication Roles
Common Services login modules enable you to use a source other than the native mechanism for
authentication, that is the Common Services Local login module.
After you authenticate, authorization is controlled by your role. A role is a set of tasks that you have the
privilege to perform. By default, the Common Services Local login module authorization scheme has six
roles. Roles are listed in Table C-1 from least privileged to most privileged.
For tasks that are defined for Service Monitor and Common Services and the roles with privileges to
perform the tasks, see the Permission Report in Common Services. (Select Administration > Server
Administration (Common Services) > Reports > Permission Report > Generate Report.)
Note For more information, see Common Services online help.
We recommend that you do not modify the default Common Services roles. However, you can create
your own custom roles for Service Monitor on Cisco Secure ACS.
Table C-1 Common Services User Roles and Privileges
Role Description
Non-ACS Mode—Common Services Local Login Module
Help Desk Privileges to view some information in Service Monitor and Common
Services.
Example: Generate and view reports and view details for Cisco 1040.
(Cannot perform modifications.)
Network Operator Privilege to perform all Service Monitor tasks and some Common Services
tasks.
Example: Set up Service Monitor; add, modify, verify data source
credentials.
Network Administrator Privilege to perform all Service Monitor tasks and several Common
Services tasks. User can also perform Network Operator tasks.
Example: Same as Network Operator.
System Administrator Privilege to perform all system administration tasks.
Example: Enable and disable debugging; set logging level.
Super Admin This role is not supported in Service Monitor.