07-11-2010 10:51 PM - edited 03-10-2019 05:15 PM
hi,
i am trying to get around 900 cisco routers authenticated through Cisco TACACS+ ,while doing this i added two clients and two users corrosponding to them,i hav two issues
1# if there is a user and a group each needed for each client if we add them individually.(i.e. 900 users and groups) ?
2 #I plan to group all my devices ,so i plan to form a NDG,i have prepared three shell command authorization sets and three users in three separate groups,
each user has different commands execution permission,can i use all three users on same NDG?(to acess all clients in the NDG with different privileges.
Kindly let me know if i m thinking on right lines and Is there any other way to administer such large no. of clients.
Kindly help,
Thanks.
07-12-2010 02:30 AM
hi,
i am trying to get around 900 cisco routers authenticated through Cisco TACACS+ ,while doing this i added two clients and two users corrosponding to them,i hav two issues
1# if there is a user and a group each needed for each client if we add them individually.(i.e. 900 users and groups) ?
2 #I plan to group all my devices ,so i plan to form a NDG,i have prepared three shell command authorization sets and three users in three separate groups,
each user has different commands execution permission,can i use all three users on same NDG?(to acess all clients in the NDG with different privileges.
Kindly let me know if i m thinking on right lines and Is there any other way to administer such large no. of clients.
Kindly help,
Thanks.
Hi Anu,
If you want to filter based on user for certain aaa clients then best is to have user based restriction on user profile and if user and group both need access to same client then it will best to restrci on group only is enough and assign those users to the same group in which you have applied.
Better to use users based on privillage level on different aaa clients rather on common group.
Hope to Help !!
Ganesh.H
Remember to rate the helpful post
07-13-2010 06:50 AM
could not find the solution for desired issue.kindly help
Find answers to your questions by entering keywords or phrases in the Search bar above. New here? Use these resources to familiarize yourself with the community: