I am trying to use TACACS as the primary method of authentication. The thing is that I configured in WAAS the values required (security word, primary server and secondary server). Also, in Authentication Method I chose TACACS as primary and local as the secondary.
After that I logged in to the WAAS using my TACACS account and I could enter, but the Navigation Pane is empty. It seems like my account doesn't have permissions to change config, but it is level 15 in TACACS ( I used to change config in Sw and routers).
I dont know if I am missing a step to config this feature either on the WAAS or the ACS.
TACACS really only provides a single "A" Authentication.
Are you allowed or not....
in order to provide Authorization, you need to still create the account in CM. and provide a role and domain in the user config.
Leave the Local user check box "unchecked" if you plane to use TACACS to Authenticate.
Im sure there is a way to provide authorization through complex custom attributes but it achieves the same goal via CM. once authenticated.