Filter
Top Products
7-27
Cisco Secure ACS 3.0 for Windows 2000/NT Servers User Guide
78-13751-01, Version 3.0
Chapter 7 Setting Up and Managing User Accounts
Advanced User Authentication Settings
• In the TACACS+ (Cisco) section of Interface Configuration, ensure that the
Shell (exec) option is selected in the User column.
• Ensure that you have previously configured one or more shell command
authorization sets. For detailed steps, see the “Command Authorization Sets
Configuration” section on page 5-14.
To specify shell command authorization set parameters for a user, follow these
steps:
Step 1 Perform Steps 1 through 3 of the “Adding a Basic User Account” section on
page 7-5.
Result: The User Setup Edit page opens. The username being added or edited
appears at the top of the page.
Step 2 Scroll down to the TACACS+ Settings table and to the Shell Command
Authorization Set feature area within it.
Step 3 To prevent the application of any shell command authorization set, select (or
accept the default of) the None option.
Step 4 To assign the shell command authorization set at the group level, select the As
Group option.
Step 5 To assign a particular shell command authorization set to be effective on any
configured network device, follow these steps:
a. Select the Assign a Shell Command Authorization Set for any network
device option.
b. Then, from the list directly below that option, select the shell command
authorization set you want applied to this user.
Step 6 To create associations that assign a particular shell command authorization set to
be effective on a particular NDG, for each association, follow these steps:
a. Select the Assign a Shell Command Authorization Set on a per Network
Device Group Basis option.
b. Select a Device Group and an associated Command Set.
c. Click Add Association.
Result: The associated NDG and shell command authorization set appear in
the table.