Any guidance on configuring the shell profile for RBAC on ACS5.1 for ACE or Nexus 1000v? I've configured 4.x before with ACE and it works fine, but I can't seem to get it to work right with 5.1. On the Nexus it always logs me in as vdc-operator. On ACS 4.x I had to create the custom shell attribute as below for ACE.
That worked perfectly for the ACE. I knew it was close, but the context was just different enough from the 4.x that I was guessing wrong. What about for the Nexus roles? It keeps logging me in a vdc-operator. I've tried Attribute role: and Value of network-admin with optional also.
No, this is a new experience for me with the Nexus. The only thing I found was from the Nexus 7k documentation that mentions the role of network-admin must be assigned. I actually wish they would be more specific regarding special configurations for interoperability with ACS.
I ended up opening a TAC case and got the proper attributes.
Attribute would be "shell:roles"
Requirement is Optional
Value is "network-admin"
or on ACS4.2 it would be shell:roles*"network-admin"
For any others that might use this info
Getting Started
Find answers to your questions by entering keywords or phrases in the Search bar above. New here? Use these resources to familiarize yourself with the community:
