Cisco Support Community
Showing results for 
Search instead for 
Did you mean: 

Welcome to Cisco Support Community. We would love to have your feedback.

For an introduction to the new site, click here. If you'd prefer to explore, try our test area to get started. And see here for current known issues.

New Member

ACS 5.0 Limiting Access to specific device

Can anybody point me in the right direction...

I'm running ACS5.0 and i want to take 10 users and give them specific show command capability to 4 specific switches without affecting any other policy that I have in place presently and not let them view any other device in the network...

Any help would be greatly appreciated...


New Member

Re: ACS 5.0 Limiting Access to specific device

Sorry, I didnt mention I'm running ACS 5.0 on an appliance...Not the windows version....


Cisco Employee

Re: ACS 5.0 Limiting Access to specific device


     There are a couple of different ways you can accomplish this.  You can put those 4 specific devices in an NDG then as part of you authorization rule only allow those 10 users to access that NDG.  On your rules page will can use the customize button on the bottom right of the rules page to add NDG:Device Type or NDG:Device Location or other NDG to your page.  Alternatively you could also use a compound condition rule and check for NDG and group mapping.  You will probably have to create a second rule to deny those users from the rest of your devices.