Problem with RME authorization via ACS

dperonto · ‎11-20-2007

Hello all.

I have just implemented ACS 4.1 on appliance and I am attempting to set user permissions for CiscoWorks.

ACS mode is working well and I am able to log into CW authenticating back to ACS. The problem starts when I attempt to restrict a user to a single NDG.

When I log into CW as the restricted user and try to view Archive Management I get the following error: You are not authorized to request the Action associated with screenID: "/DcmaArchiveSummary".

I get similar errors for any RME function.

The NDG restriction works fine in Common Services. User is only able to view devices in his NDG.

I have tried setting the permissions at group and user levels, no change.

I have restarted services and rebooted both the ACS appliance and CW Server (Solaris).

Any Ideas?

LMS 2.5

RME 4.0.4

Thanks

Dan

Joe Clarke · ‎11-20-2007

You have to make sure all users have access not only to the device NDG, but also to the NDG that contains the LMS server. If there is no association for the user's group to the LMS server NDG, then you will get this error. All LMS applications need to have this association.

dperonto · ‎11-21-2007

You sir, are a genius! This has resolved my problems, THANK YOU!

I have been browsing these forums for a few weeks now and I hope you realize how much you are appreciated here.

I sure hope you are getting paid to answer our questions. Heck, I'd like to express my gratitude with a little paypal donation ;)

Thanks again Mr. Clark.