Filter
Top Products
Chapter 6 Setting Up and Managing User Groups
Configuration-specific User Group Settings
6-18
Cisco Secure ACS 3.0 for Windows 2000/NT Servers User Guide
78-13751-01, Version 3.0
Step 4 In the Token Card Settings table, to cache the token for the entire session, select
Session.
Step 5 Also in the Token Card Settings table, to cache the token for a specified time
period (measured from the time of first authentication) follow these steps:
a. Select Duration.
b. Type the duration length in the box.
c. Select the unit of measure, either Seconds, Minutes or Hours.
Step 6 To save the group settings you have just made, click Submit.
For more information, see the “Saving Changes to User Group Settings” section
on page 6-50.
Step 7 To continue specifying other group settings, perform other procedures in this
chapter, as applicable.
Setting Enable Privilege Options for a User Group
Note If this section does not appear, configure the interface to display advanced
TACACS+ settings. Click Interface Configuration, click TACACS+ (Cisco).
At the bottom of the page in the Advanced Configuration Options table, select
the Advanced TACACS+ features check box.
Perform this procedure to configure group-level TACACS+ enable parameters.
The three possible TACACS+ enable options are as follows:
• No Enable Privilege—(default) Select this option to disallow enable
privileges for this user group.
• Max Privilege for Any AAA Client—Select this option to select the
maximum privilege level for this user group for any AAA client on which this
group is authorized.
• Define max Privilege on a per-network device group basis—Select this
option to define maximum privilege levels for a NDG. To use this option, you
create a list of device groups and corresponding maximum privilege levels.
See your AAA client documentation for information about privilege levels.