Cisco Support Community
Showing results for 
Search instead for 
Did you mean: 

Welcome to Cisco Support Community. We would love to have your feedback.

For an introduction to the new site, click here. And see here for current known issues.

New Member

CW - Security

I have enabled RADIUS authentication. Now anyone can login to Ciscoworks. How can I limit it to only specfic users? How do I control Roles?

Cisco Employee

Re: CW - Security

You can't. Simply enabling one of the authentication modules does not give you any control over roles, or any control over which accounts on the AAA server can login. Any account which does not have a corresponding CiscoWorks account will be granted Help Desk privileges. The only way to do centralized authentication with authorization is to integrate CiscoWorks with ACS. This integration will use TACACS+ as the underlying protocol, and will give you complete control over role customization.

New Member

Re: CW - Security

Thank you for the explanation. If I have corresponding Local User account, I can then control the rolls. We are implementing ACS here soon so I will use that when it is available.


Cisco Employee

Re: CW - Security

If you have a corresponding local CiscoWorks account, then you can use the pre-defined CiscoWorks roles. However, with ACS, you get the ability to define your own roles on the ACS server.