07-02-2009 01:41 AM - edited 07-03-2021 05:47 PM
Hi,
I've configured WCS6.0 to authenticate the useres against the Cisco ACS.
I've assigned all tasks from "root"-group to my user profile on the ACS, so I should have the sames rights as the local root-user.
Now, when I try to view the audit-report I get
"Permission Denied
You do not have privileges for the requested operation."
Does anyone know the reason for this?
BTW: Same happens when I try to open "AP Timers" under the Confgure->Controllers dialog.
Regards Dirk
07-03-2009 06:32 PM
Make sure you are using root for the virtual domain on the upper right corner of WCS. If your roles in ACS are configured right, it should work.
07-06-2009 02:49 AM
Just using the Root-Domain, no other domains configured.
Copied the properties of the root-group exactly to the ACS configuration.
regards
07-06-2009 11:29 PM
There must be something wrong either on the WCS or ACS config.
If you feel the configuration you made is exactly step by step following :
http://www.cisco.com/en/US/docs/wireless/wcs/6.0/configuration/guide/6_0manag.html#wp1097777
AND
http://www.cisco.com/en/US/docs/wireless/wcs/6.0/configuration/guide/6_0admin.html#wpxref67416
Then open a TAC case. Usually the errors come from not configuring the virtual domains correctly, or misconfiguration on the ACS. At this point there are no bugs with WCS 6.0 and the integration with ACS.
Also, ACS 4.2 is the higher supported version. ACS express 5 neither ACS 5 are supported.
07-07-2009 04:48 AM
Hi,
did it exactly as specified in the documents.
Still the same error. Nothing in the error-log on the ACS.
Using ACS 4.1.(4) Build 13 Patch 11
Any ideas?
07-20-2009 09:44 AM
I'm trying to use TACACS in our WCS/WLCs to authenticate to our ACS 5 server with no luck either. I can't find any step-by-step docs anywhere. We upgraded the WCS to verison 6.0.132.0 in hopes this would help, but we are still stuck.
Also tried upgrading the WLCs to 6.0.182.0 with no better luck.
I get errors like this in the WLC logs:
Jul 20 17:05:39.928: %EMWEB-1-LOGIN_FAILED: ews_auth.c:2106 Login failed. User:xxxxx Service-Type is not present or it doesn't allow READ/WRITE permission
Any ideas?
07-29-2009 08:00 AM
WCS 6 has additional tasks listed (59 total) vs previous versions which only had about 45 in the task list. I was having issues with certain areas as well, but went into the AAA, Root export list and copied the new task list with al 59 and copied to the ACS atrributes under tacacs - no more problems.
Discover and save your favorite ideas. Come back to expert answers, step-by-step guides, recent topics, and more.
New here? Get started with these tips. How to use Community New member guide