Different privelege level for Active directory users
We have integrated Acs 4.1se with windows active directory.now we need to give certain users full privige to some client devices and only show level privilege to some devices.what is the neccessary steps required in ACS and ACS clients.Also how much time the dynamic users will remain in ACSthanks in advance
Re: Different privelege level for Active directory users
I forgot to add one more query
After configuring neccessary steps in ACS for command authorization ,I am not able to to get into enable mode for Priv level 1 user.(read only access).I set priv level 1 under TACACS+ settings section,Because i want to give only show access(all show commands) to certain devices
Following error recived for enable command in router
Command authorization failed.
For read& write access it is working fine.these r the configuration in router
aaa authorization config-commands
aaa authorization commands 0 default group tacacs+ local
aaa authorization commands 1 default group tacacs+ local
aaa authorization commands 15 default group tacacs+ local
Table of ContentsIntroductionVersion HistoryPossible Future
UpdatesDocuments PurposeNAT Operation in ASA 8.3+ SectionsRule Types
Network Object NATTwice NAT / Manual NATRule Types used per SectionNAT
Types used with Twice NAT / Manual NAT and Network Obje...
Table of Contents Introduction:This document describes details on how
NAT-T works. Background: ESP encrypts all critical information,
encapsulating the entire inner TCP/UDP datagram within an ESP header.
ESP is an IP protocol in the same sense that TCP an...