Cisco Support Community
cancel
Showing results for 
Search instead for 
Did you mean: 
Announcements

Welcome to Cisco Support Community. We would love to have your feedback.

For an introduction to the new site, click here. And see here for current known issues.

New Member

Defining services in TACACS Server

I have to define the following IPSO-specific service in your TACACS+ server:

service = nokia-ipso {

Nokia-IPSO-User-Role = "role_name_on_IPSO"

Nokia-IPSO-SuperUser-Access = <0|1>

}

How can I do it?

1 REPLY
Silver

Re: Defining services in TACACS Server

To add a custom service to ACS...

Goto "Interface Configuration" then "TACACS+ (Cisco IOS)" and in the "New Services" section enter your new service "nokia-ipso" plus tick the user & group checkboxes. You might need to add "ip" as the protocol depending on what the actual T+ requests look like.

When you next edit a user or group you'll see a new TACACS+ service into which you can enter your custom attributes:

Nokia-IPSO-User-Role=role_name_on_IPSO

Nokia-IPSO-SuperUser-Access=<0|1>

Note that only very basic syntax checks are applied, basically as long as eahc line has somehing=something ACS will not complain, so its up to you to make sure the values are correct.

497
Views
5
Helpful
1
Replies
CreatePlease login to create content