I am working setting up RBAC on my ACE-device. To give a user a specific role one use the Custom attribute "shell:<Context>*<Role> <Domain>".
The command is working if I define it directly on the user in adittion using Custom attribute directly. With that I meen not use a TACACS+ (Cisco IOS) -> "New Service" attached to the user.
Have anyone gotten this to work wither with (optional) or a "TACACS+ (Cisco IOS)-service". The same goes for both appliance and module.
Also, I am looking to get this working on a group. Not only on a user.
Thanks in advance for any help!