Buy or Renew
Buy or Renew
Duo Security forums now LIVE! Get answers to all your Duo Security questions. Learn more
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Search instead for 
Did you mean: 
cancel
Start a conversation
869
Views
0
Helpful
1
Replies

ACS4.x to ACS5.1 - Migrating "Tacacs New Services"

j3dickler
Level 1
Level 1

‎03-23-2010 07:40 AM - edited ‎03-10-2019 05:01 PM

.How can we migrate tacacs support for other software into acs5.1?  This  is supported in ACS4.x in the New Services section of the Interface  Configuration tab and appears in the User Group attributes at the bottom  of the tacacs section.  We actually have some custom attributes in  those entries.

Labels:
0 Helpful
1 Reply 1

jrabinow
Level 7
Level 7

‎03-23-2010 12:40 PM

ACS 5.1 has a differnt policy based approach to assigning priveleges as opposed to ACS 4.x where these were stored

in either the user/group definitions.

Won't go into all the explanations on this. You have some good materials on the "Welcome" page in the GUI

Out the box, all TACACS+ requests get handled by the "Default Device Admin" policy

You can see the authorization results by going to: "Access Policies > Access Services > Default Device Admin > Authorization"

If you click on Defaltl to see the ersults for the default rule and then press "Create" you can now create a new set of TACACS+ attribute to be returned. Go to the "Custom Attributes" tab and you can the custom attributes.

This describes how to do it out the box. Thsi wil evolve as you build up your policies

0 Helpful
Customers Also Viewed These Support Documents