NAM Access Roles via ACS

Unanswered Question
May 11th, 2010
User Badges:


We need a working HowTo to create Read-Only User for NAM (v4.1) controlled by ACS. ACS- Password integration is working, but all ACS-Users will entering with full permissions into the NAM, we doesnt want.

We tried the procedure found in the online help and slightly different found in this forum, but both doesnt work:

In ACS: Set ---Per Group Command Authorization--then select permit and under command tab type web and under this permit the following commands

deny accountmgmt
deny system
permit capture
deny alarm
permit collection
permit view

Is there a minimum version of ACS a requirement for doing this kind of access roles?

thx for hints, Steffen

  • 1
  • 2
  • 3
  • 4
  • 5
Overall Rating: 0 (0 ratings)
Joe Clarke Tue, 05/11/2010 - 21:34
User Badges:
  • Cisco Employee,
  • Hall of Fame,

    Founding Member

The NAM works with ACS up to 4.2.  ACS 5.0 is not supported as it was not tested, and has substantial changes.  It appears that patch

5-1-0-44-2 may re-add NAM support (to ACS 5.1), but this has not been verified.


This Discussion