7-25
Cisco Secure ACS 3.0 for Windows 2000/NT Servers User Guide
78-13751-01, Version 3.0
Chapter 7 Setting Up and Managing User Accounts
Advanced User Authentication Settings
For more information about attributes, see Appendix C, TACACS+
Attribute-Value Pairs, or your AAA client documentation. For information on
assigning a PIX ACL, see the Assigning a PIX ACL to a User section on
page 7-22.
Before You Begin
For the TACACS+ service/protocol configuration to be displayed, a AAA
client must have been configured to use TACACS+ as the security control
protocol.
In the Advanced Options section of Interface Configuration, ensure that the
Per-user TACACS+/RADIUS Attributes check box is selected.
To configure TACACS+ settings for a user, follow these steps:
Step 1 Click Interface Configuration and then click TACACS+ (Cisco IOS). In the
TACACS+ Services table, under the heading User, ensure that the check box is
selected for each service/protocol you want to configure.
Step 2 Perform Steps 1 through 3 of the Adding a Basic User Account section on
page 7-5.
Result: The User Setup Edit page opens. The username being added or edited
appears at the top of the page.
Step 3 Scroll down to the TACACS+ Settings table and select the check box next to
the bolded service name to enable that protocol; for example, PPP IP.
Step 4 To enable specific parameters within the selected service, select the check box
next to a specific parameter and then do one of the following, as applicable:
a. Select the Enabled check box.
b. Specify a value in the corresponding attribute box.
To specify ACLs and IP address pools, enter the name of the ACL or pool as
defined on the AAA client. Leave the box blank if the default (as defined on
the AAA client) should be used. For more information about attributes, see
Appendix C, TACACS+ Attribute-Value Pairs, or your AAA client
documentation. For information on assigning a PIX ACL, see the Assigning
a PIX ACL to a User section on page 7-22.
Tip: An ACL is a list of Cisco IOS commands used to restrict access to or from
other devices and users on the network.
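
Because Step 4 requires ACL and pool names to match what is defined on the AAA client, the following added example (not part of the Cisco guide or of Cisco Secure ACS) cross-checks per-user TACACS+ attribute-value pairs against a Cisco IOS configuration and reports names that are not defined there. It assumes the per-user settings have been transcribed as attr=value lines; the function names, user names, and sample configuration are constructed for illustration.

```python
import re

# TACACS+ attributes whose value must name an object defined on the AAA client:
# inacl/outacl reference an ACL, addr-pool references a local address pool.
REFERENCE_ATTRS = {"inacl": "acl", "outacl": "acl", "addr-pool": "pool"}
ACL_NAMED = re.compile(r"^ip access-list (?:standard|extended) (\S+)", re.M)
ACL_NUMBERED = re.compile(r"^access-list (\d+) ", re.M)
POOL = re.compile(r"^ip local pool (\S+) ", re.M)

def defined_objects(ios_config):
    """Collect ACL and pool names defined in IOS configuration text."""
    acls = set(ACL_NAMED.findall(ios_config)) | set(ACL_NUMBERED.findall(ios_config))
    return {"acl": acls, "pool": set(POOL.findall(ios_config))}

def parse_av_pairs(lines):
    """Split 'attr=value' (mandatory) or 'attr*value' (optional) pairs."""
    pairs = []
    for line in lines:
        m = re.match(r"^([^=*]+)([=*])(.*)$", line.strip())
        if m:
            pairs.append((m.group(1), m.group(3)))
    return pairs

def undefined_references(user_pairs, ios_config):
    """Return (user, attr, value) for names not defined on the AAA client.
    Blank values are skipped: a blank box means the client default applies."""
    defined = defined_objects(ios_config)
    problems = []
    for user, lines in user_pairs.items():
        for attr, value in parse_av_pairs(lines):
            kind = REFERENCE_ATTRS.get(attr)
            if kind and value and value not in defined[kind]:
                problems.append((user, attr, value))
    return problems

# Constructed sample data (hypothetical device configuration and users).
SAMPLE_CONFIG = """\
ip local pool dialin-pool 10.1.1.10 10.1.1.50
ip access-list extended remote-users
 permit ip any 10.1.0.0 0.0.255.255
access-list 101 permit tcp any any eq 80
"""
SAMPLE_USERS = {
    "alice": ["service=ppp", "protocol=ip", "inacl=remote-users", "addr-pool=dialin-pool"],
    "bob": ["service=ppp", "protocol=ip", "inacl=101", "outacl=remote-user", "addr-pool="],
}

if __name__ == "__main__":
    for finding in undefined_references(SAMPLE_USERS, SAMPLE_CONFIG):
        print("undefined on AAA client: user=%s %s=%s" % finding)
```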