Cisco Support Community
cancel
Showing results for 
Search instead for 
Did you mean: 
New Member

Tacacs and Nexus

Hello,

At the present time, we manage authentification/authorization/accounting on cisco 65XX via tacacs. We have several groups of user with read/write and read with specific extension rights. I need to implement tacacs for a 7XXX Nexus. I would like to integrate it in the same group of 65XX (with same right for  user as for 65XX). I understand Nexus need specific configuration on tacacs. Do Ijust need to add for read/write user "shell:roles*network-admin vdc-admin" and for user with read with specific rights "shell:roles*network-operator vdc-admin" ?

2 REPLIES
Bronze

Tacacs and Nexus

That seems fine. I tried similar settings on Nexus but with Radius. But keep in mind if you assign users to network-operator role, they only have read right. If you want to give them some specific commands, you can create a new role and add specific commands to the role on Nexus and assign users to the role.

Zhenning

Cisco Employee

Tacacs and Nexus

Tristan

Also if you use ACS as tacacs server, please do not forget to configure casco-av-pair on it.

698
Views
0
Helpful
2
Replies
CreatePlease to create content