07-28-2008 01:22 PM
Getting a message about System Identity User not configured properly. Attaching screenshot. Any ideas?
07-28-2008 01:27 PM
You need to configure your System Identity User (as seen under Common Services > Server > Security > System Identity Setup) in ACS, and give it access to the Super Admin group for all LMS applications.
07-28-2008 04:47 PM
I may not be doing this correctly. For now I am only interested in having ACS do the authentication with a local user ids providing the authorization. What is the procedure to do this? Thanks.
07-28-2008 04:56 PM
Simply configure the TACACS+ login module under Common Services > Server > Security > AAA Mode Setup. Do NOT select the ACS radio button.
07-29-2008 04:42 AM
OK that worked until I rebooted the system. After rebooting the LMS server, the authentication via TACACS still works, but I no longer have administrative authority. I have to reset the login module back to local in order to get in with administrative authority.
07-29-2008 06:51 AM
It sounds like you're still integrated with ACS for authorization. If you're just using the TACACS+ login module ONLY, authorization should be handled by the local database. Of course, every user in the TACACS+ server must have a local entry in the LMS database. Make sure the username in TACACS+ matches exactly with one under Common Services > Server > Security > Local User Setup.
07-29-2008 07:14 AM
The usernames match exactly. Is there anyway to validate how it is trying to do the authorization with some debugging option so we can determine if it may be hanging on to some configuration from the failed attempt at using ACS for authorization, as you suggested? Thanks for your quick responses.
07-29-2008 07:23 AM
You can look in NMSROOT/MDC/etc/regdaemon.xml. If the AdminModule is set to ACS, then it is still using ACS for authorization. If set to CMF, then it's using the local database.
Discover and save your favorite ideas. Come back to expert answers, step-by-step guides, recent topics, and more.
New here? Get started with these tips. How to use Community New member guide