×

Warning message

  • Cisco Support Forums is in Read Only mode while the site is being migrated.
  • Cisco Support Forums is in Read Only mode while the site is being migrated.

Radius with user privileges

Unanswered Question
Mar 27th, 2012
User Badges:

hello


i have a question.. i am building a test network en i want to be able to control the users

and with control i mean i want to be able to make sure that the can't delete the flash:

or the flash:vlan.dat


is there a way to to this with a windows 2008 R2 server..?


also what are the difference in privileges levels lets say:

level 1

or

level 2


and so on



thanks

  • 1
  • 2
  • 3
  • 4
  • 5
Overall Rating: 0 (0 ratings)
Loading.
Eduardo Aliaga Sat, 03/31/2012 - 20:11
User Badges:
  • Silver, 250 points or more

You can perform "command authorization" by using a TACACS servers like Cisco ACS.


Privilege level is a legacy tool to also perform "command authorization" but it's way better to use a TACACS server for that.


Please rate if it helps.

johan oosterwaal Sun, 04/01/2012 - 12:03
User Badges:

Yes this helps allot THANKS!


I can do some testing with this TACACS


But i have lookt at some information about the server. But i can't seem to find, if its possible to limit the user to some commands en disable delete commands


Sent from Cisco Technical Support iPhone App

Eduardo Aliaga Mon, 04/02/2012 - 13:38
User Badges:
  • Silver, 250 points or more

If you have Cisco ACS 5.x you can use "command authorization sets" . There's a free trial of Cisco ACS 5.x so you can test it even if you haven't purchase it.


Please rate if it helps . Kind regards

Actions

This Discussion