Buy or Renew
Buy or Renew
Duo Security forums now LIVE! Get answers to all your Duo Security questions. Learn more
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Search instead for 
Did you mean: 
cancel
Start a conversation
1264
Views
0
Helpful
1
Replies

Time Based Authorization/Authentication on devices :: ACS 5.4

Jayavel Arumugam
Level 1
Level 1

‎08-22-2013 05:58 AM - edited ‎03-10-2019 08:48 PM

Hi,

Do we have any option where we can allow config access to a particular external/internal user for certain time period. Time based device access.

We've External Identity Store in our environment where user got authenticated via LDAP server.

For Example - There is a user 'X'. I want to grant him config access on devices from 8:00 AM to 11:00 PM daily. After that he should only has Read Only access on the devices.

Please let me know if any other information is required from my side.

My ACS Ver is 5.4

Regards,

SYED

Labels:
0 Helpful
1 Reply 1

Amjad Abdullah
VIP Alumni
VIP Alumni

‎08-22-2013 07:10 AM

  Hi,        

Yes. You need to create a date and time policy condition.

Policy Elements -> Session Conditions -> Date and Time.

You can specify the time there and then you can use the one you created in the authorization policy.

For example, you configure the date time condition to be from 8000 - 2300.

Then you go to the authorization policy and configure if it matches the date time instance then return a authorization profile (read write). otherwise (if not matching) return the authorization profile (read only).

(use shell profile instead if you are using TACACS+).

Rating useful replies is more useful than saying "Thank you"

Rating useful replies is more useful than saying "Thank you"
0 Helpful
Customers Also Viewed These Support Documents