12-03-2008 04:14 AM - edited 03-10-2019 04:13 PM
Hi,
I have just configured Cisco ACS for windows .In that i created two users, GUEST & ADMIN. ADMIN has all the rights but guest can only run "show" commands. Now my Bose is asking me to create different users & provide different priviledges to them.he asked me to use the best practices followed in industries.
So my query is : commonly what type of & how many users are created in Cisco ACS & what type of different priviledges provided to each? I know this is some thing not technical but still an expert who is familiar with its installations can answer/ show the road map to me!!!
Please its urgent!! i have only 1 day time!!!
12-09-2008 09:14 AM
There are three types of users. Their significance varies depending on whether the service requested is authentication.
1)Known users
2)Unknown users
3)Discovered users
01-08-2009 01:17 AM
Hi
Not easy to answer. You need to start with what your organisation wants/needs to achieve and then figure out how to implement in ACS.
Typically customers may have several groups of device administrators - perhaps on geography, BU or similar.
Device Command Sets (DCS) can be used to defined the various sets of permissions that any one group should get.
If you define your devices in Network Device Groups you can, for any given group, map to different DCS based upon which NDG is being accessed.
ie you can implement Role Based Access Control. This allows you to give say full access to Group A when managing device group X and perhaps read only when managing device group Y.
But the starting point is what your business needs and not what you can do in ACS.
Discover and save your favorite ideas. Come back to expert answers, step-by-step guides, recent topics, and more.
New here? Get started with these tips. How to use Community New member guide