Cisco Security Manager - AD Integration

Unanswered Question
ROBERTO GIANA Fri, 11/21/2008 - 00:12

You will have to create the user accounts locally on the CSM and assign them the corresponding priviledges manually. If you would like to assign the priviledges dynamicly from the ADS, then you need to integrate an ACS.


Just a short excerpt from the manual:

http://www.cisco.com/en/US/docs/net_mgmt/ciscoworks_common_services_software/3.2/user/guide/admin.html#wp618133

The CiscoWorks Server determines user roles. Therefore, all users must be in the local database of user IDs and passwords. Users who are authenticated by an alternative service and who are not in the local database are assigned to the same role as the guest user (by default, the Help Desk role).


If you configure Common Services to use Non-ACS for authentication, authorization services are provided by CiscoWorks Server.


In Non-ACS mode, you cannot change the roles, or the privileges assigned to these roles. However, a user can be assigned a combination of these roles. See Modifying Your Profile.


When the login module is ACS, both authentication and authorization takes place from ACS. Hence it is not mandatory that the user be present in the local database. The user roles will be as assigned in ACS.


adiwakar Tue, 12/09/2008 - 11:12

From Security Manager, select Tools > Security Manager Administration > Server Security, then click Local User Setup.


Do one of the following:


•To create a new user, click Add and enter the user name, password, and e-mail address.


•To change the roles of an existing user, select the check box next to the user and click Edit.


Step 3 Click OK to save your changes.


Step 4 Restart Security Manager.


This will create a user and assign a role to it locally.


There is no documentation of support for Active Directory in CSM

Actions

This Discussion