Authorization per device

Unanswered Question
Jan 27th, 2010


I want to authorized user in Cisco ACS per network devices added in Cisco ACS 4.2. My theme is to give full access on device-1 and read-only access on device-2 to same user. Kindly guide me to do this.



I have this problem too.
0 votes
  • 1
  • 2
  • 3
  • 4
  • 5
Overall Rating: 0 (0 ratings)
jauhar1980 Wed, 01/27/2010 - 04:21

Yes, I am using Window Active Directory as a external database for authentication

Jatin Katyal Wed, 01/27/2010 - 05:12

Hi Atif,

You can assign Shell Auth. Sets at the user,group or NDG level.More details are mentioned on the following link:

You need to create two command set, one for "Read-only access" and other for " Full access"

Full access:

Read-only access:

Once you are done with command set after that edit the user/group setup > Jump to shell command authorizatio section

Look for the third option "Assign a Shell Command Authorization Set on a per Network Device Group Basis"

And there you can select the NDG's and command set > submit and restart.

Please make sure that you have all the required command authorization on the device.




Plz rate helpful posts-


This Discussion