I'm hoping someone has already gone through this and has a nice answer for me. I'm looking to integrate our Cyclades ACS Console Servers into our Cisco ACS servers using TACACS+. At this point it's sort of working but not quite the way I want it to but I don't know what I'm missing.
As it stands I've set up TACACS+ on the Cyclades with TacacsPlus/Local. If I log in with my own credentials, which are derived from AD, it works but I am classed as a 'Regular User' with only the ability to start console sessions. What I would like is to be classed as 'Admin'. I'm guessing this needs setting in the Shell Profile but I don't know what I'm supposed to be specifying.
Please let me know if you know what to specify on the Cisco ACS server to get this working the way I want.
We have all of our Avocents running through LDAP/AD because at the time I couldn't find the right VSA for RADIUS. If you can get either the Radius dictionary or the TACACS attributes that ACS needs to see to map to a shell then I could help you write the profile.
That's the part I'm missing at the moment. I don't know what the TACACS attributes are for the ACS8's so I'm unable to have my login elevated above 'Regular User'. Once I know what the attribute and value need to be I can add that to the Shell Profile and I'll be set. It's just getting that list which is proving a challenge!
DocumentationCode download linksGoalRequirementLimitationsSupported ISR
and UCS-E ModelSupported ISRG2 and UCS-E Blades:Supported ISR4K and
UCS-E Blades:Step by Step ConfigurationConfigure one of the connectivity
options to access the Cisco IMC from the n...
Firepower Threat Defense (NGFWv) on UCS E-series - Transparent Mode in
HA DocumentationCode download linksGoalRequirementLimitationsSupported
ISR and UCS-E ModelSupported ISRG2 and UCS-E Blades:Supported ISR4K and
UCS-E Blades:Step by Step ConfigurationCo...
Question I am currently unable to specify "crypto keyring" command when
configuring VPN connection on my cisco 2901 router. The following
licenses have been activated on my router :