Buy or Renew
Buy or Renew
Cisco + Splunk: It’s a new day for your data. Learn more.
 
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Search instead for 
Did you mean: 
cancel
Start a conversation
1392
Views
4
Helpful
3
Replies

Tacacs + CiscoWorks + Group Authentication

RouterTech1
Level 1
Level 1

‎02-07-2006 10:13 AM

I have several AD users that login to Ciscoworks via Tacacs Authentication.

however, they do not have the access (system administrator) that I've specified in Tacacs for Group Authentication.

Users haven't been created on the Ciscoworks server, they only exist on Tacacs.

Do I have to create individual users on the the CW server, or switch to ACS mode on CW? Or should it work as is, and something is awry?

Thanks.

Labels:
0 Helpful
3 Replies 3

nhabib
Level 9
Level 9

‎02-07-2006 10:41 AM

If you are using LMS 2.5, then something is awry.

Previous versions of CiscoWorks used ACS simply for Authentication. If you wanted to provide more than guest access, then you needed to create the user in CiscoWorks and provide the proper role.

RouterTech1
Level 1
Level 1
In response to nhabib

‎02-08-2006 03:17 PM

so LMS 2.5 using NON-ACS mode and tacacs+ authentication should work?

0 Helpful

nhabib
Level 9
Level 9
In response to RouterTech1

‎02-08-2006 03:42 PM

Actually, LMS 2.5 using NON-ACS mode and tacacs+ authentication would work the same way as LMS 2.2

If you are on LMS 2.5, then you would have to set it up in ACS mode in order to define the roles on the ACS.

Additional information is available in Chapter 5 of the Common Services 3.0 Whitepaper:

http://www.cisco.com/application/pdf/en/us/guest/products/ps3996/c1244/cdccont_0900aecd802be11a.pdf

0 Helpful
Customers Also Viewed These Support Documents