Cisco Support Community
Showing results for 
Search instead for 
Did you mean: 

Welcome to Cisco Support Community. We would love to have your feedback.

For an introduction to the new site, click here. If you'd prefer to explore, try our test area to get started. And see here for current known issues.

New Member

Cisco Prime Authorization

I have an ACS 4.2 server running - and it points to a remote ldap database.


aaa for our devices points to this tacacs server.  i tried to setup prime infrastructure to do the same, but i keep getting the authentication working, but then an error msg for the authorization prevents me from going further. 


i realize i can locally setup a user on PI - and give them admin status etc, but i'd really like to simply have PI point to our ACS and authenticate and authorize each user.  i don't want to have to set (or reset) a p/w for our admins to use Prime. 


is this possible?



Hall of Fame Super Silver

Cisco has phased out use of

Cisco has phased out use of an external server for authorization within the application. This used to be available with LMS 3.x but no longer is offered.

Currently all of the role-based authorization control (RBAC) for PI users has to be done locally on the server and cannot be derived from the roles defined in your ACS server.