01-31-2007 02:47 PM - edited 03-10-2019 02:57 PM
I am trying to figure this out and not getting anywhere. I want to have acs use windows AD for authentication. Then I want the AD authed user to have priv-1 access. Then type 'enable' to gain enable access to the device if they have the enable password. I want the enable password to be centrally stored on the acs server, so that it is centrally managed for all devices. Where do I do this?
I know you can go to each user individually and configure them for a static enable password, but that is NOT what I am looking for. Any help would be great.
Thanks all - J
01-31-2007 02:56 PM
Hi,
Enable password can only be the following three :-
1. User's Login password which is set in ACS
2. A Static password defined for every user
3. The External db password.
We cannot have any "centrally set" enable password for every device.
Regards,
Vivek
01-31-2007 04:02 PM
Thanks. Given those options how would I be able to do this for users that are ONLY in the windows AD DB? We have NO user accounts in the internal acs db to statically configure passwords.
Although a user account is dynamically created by acs after someone logs in, but I am not sure how long this is cached and if it is wise to put the enable password in this dynamic account that may dissappear?? Thoughts?
Thanks.
-j
Find answers to your questions by entering keywords or phrases in the Search bar above. New here? Use these resources to familiarize yourself with the community: