ANM RBAC users in ACS problem

eugene.fit · ‎02-16-2012

Hello everyone! Recently, configuring ANM I got stuck in user authentication.

I am trying to configure contexts on ACE, using ANM with RBAC users. To do it I am following

User Guide for the Cisco Application Networking Manager 4.3

What I have done:

On ANM

I made organization, domain, role and user.

The user is in role "farmer" and in domain as well (see screenshots).

On ACS

I made a user with proper settings according to User Guide for the ANM

"For example: ANM=Role1 Domain1"

However, when I try to connect I recieve next message:

No role is assigned to this user account. Contact your system administrator.

I believe that everything with configuration is done, but have I forgotten something?

It is just my first experience with it. On ACS there are no messages about failed attempts

Versions are: ANM 4.3, ACS 4.2

Daniel Arrondo Ostiz · ‎02-16-2012

Hi Evgeny,

It's hard to give you an answer on this without seeing your full ANM and ACS configuration, so it would probably easier if you open a TAC service request to have this investigated further.

Anyway, from what you described, I assume you are trying to do remote authorization (in which, you would not need to associate the user with a role on ANM). For that to work, when you define the organization, you need to configure a unique identifier for it (just under the remote authorization checkbox), for example "test-org". Then, on ACS, you need to would configure the atributes as "ANM_test-org= Role1 Domain1"

For more details, please check the link below

http://www.cisco.com/en/US/docs/app_ntwk_services/data_center_app_services/application_networking_manager/4.3/user/guide/UG_admin.html#wp1547054

I hope this helps

Daniel