I test ACS 5.1 and have some questions to be answered
General concept suits me well (service policy, access policy and so on). Its very flexible but what Im looking for right now is the way to assign privilege-level attribute only to specific user. I've only managed to assign shell profiles to specific condition, but for me it doesn't make sense to create new rule per each user.
Is there a way to make it different? Similar to version 4.2 of ACS where user attributes overrided group attributes?
And the 2nd question:
what the Dictionaries (TACACS+, RADIUS) are for? they list only attrubutes (there are checkbox but for what purpose?). Where they can be used?
thx for explaination