How to set UCS Locales using Radius/Tacacs+ Attributes

Unanswered Question
Vincent La Bua Tue, 10/26/2010 - 14:02
User Badges:
  • Cisco Employee,

Something else to note:


/* Style Definitions */ table.MsoNormalTable {mso-style-name:"Table Normal"; mso-tstyle-rowband-size:0; mso-tstyle-colband-size:0; mso-style-noshow:yes; mso-style-priority:99; mso-style-qformat:yes; mso-style-parent:""; mso-padding-alt:0in 5.4pt 0in 5.4pt; mso-para-margin:0in; mso-para-margin-bottom:.0001pt; mso-pagination:widow-orphan; font-size:11.0pt; font-family:"Calibri","sans-serif"; mso-ascii-font-family:Calibri; mso-ascii-theme-font:minor-latin; mso-hansi-font-family:Calibri; mso-hansi-theme-font:minor-latin;}

Configuring locales to the user roles are not valid as these are global-system users:


-          aaa


-          admin


-          operations




Locales can be configured only with following user roles:


-          Network


-          Server-equipment


-          Server-profile


-          Server-security


-          Storage

Peter Cronwright Thu, 07/21/2011 - 17:06
User Badges:

Is there an example of using locales with IAS or Radius, roles are working but the locales seem to be ignored. Should the locales be a seperate attribute or combined with the role?

Gabor Szabo Tue, 08/16/2011 - 15:15
User Badges:
  • Cisco Employee,

Hi Peter,


I have tested this using Tacacs and it had worked well:


         shell:roles*" " shell:locales*" "


          (single attribute, separator between role and locale is SPACE, separator between multiple roles/locales is also SPACE)


Probably the same syntax will work with Radius as well.


Cheers,

Gabor


Just a FYI to those out there trying to get Locales in UCSM working with with Cisco ACS 5.x.  The attached image is the method to create the proper shell profile attribute values for locales support in UCSM with TACACS+ as the authenication domain.  Vincent above also has it right on the priviledges available with locales support.


I am using the Manditory requirement as this shell profile is only used on Cisco UCS Devices.


I hope this saves someone a lot of frigging around! :-)


Jim

Actions

This Discussion