Re: ACS, CS, Authentication and Rights

mrashby · ‎09-29-2008

All,

I have cisco works authenticating using TACACS+ and authorizing using ACS. I set this up last Friday and now this morning, Monday, I can log in using the ACS server but I can't do anything. I can't run any reports I can't see my devices in common services, nor can I do any of the other administrative tasks I used to be able to do before hooking up with the ACS server, call it a rookie mistake. I did some reading and the Cisco Works help page says to setup the System Identity User with all privileges for all the applications in ACS mode. Now can someone tell me how I can log into Cisco Works with out using the ACS so that I can make the changes to the System Identity User. Also I have attached a picture of what my current situation on my cisco works CS page looks like just to give an idea of what I have. Thanks

Mario

aghaznavi · ‎10-03-2008

To select set the login module to TACACS+, follow these steps:

1. Select Server Configuration > Setup > Security > Select Login Module

2. Click TACACS+ in the Available Login Modules field (Figure 7) and click Next.

The Login Module Options page appears (Figure 8).

3. In the Server field, enter the server name or IP address of your ACS server.

4. In the Port field, enter the ACS service port number (49 for TACACS+).

5. In the Key field, enter the shared secret that was entered when you configured ACS to accept CiscoWorks Common Services as a client (see Figure 2).

6. Select the False radio button next to Debug.

7. Select a login fallback option:

For further information click this link.

http://www.cisco.com/warp/public/cc/pd/sqsw/sq/tech/mcacs_wp.htm