02-07-2006 10:13 AM
I have several AD users that login to Ciscoworks via Tacacs Authentication.
however, they do not have the access (system administrator) that I've specified in Tacacs for Group Authentication.
Users haven't been created on the Ciscoworks server, they only exist on Tacacs.
Do I have to create individual users on the the CW server, or switch to ACS mode on CW? Or should it work as is, and something is awry?
Thanks.
02-07-2006 10:41 AM
If you are using LMS 2.5, then something is awry.
Previous versions of CiscoWorks used ACS simply for Authentication. If you wanted to provide more than guest access, then you needed to create the user in CiscoWorks and provide the proper role.
02-08-2006 03:17 PM
so LMS 2.5 using NON-ACS mode and tacacs+ authentication should work?
02-08-2006 03:42 PM
Actually, LMS 2.5 using NON-ACS mode and tacacs+ authentication would work the same way as LMS 2.2
If you are on LMS 2.5, then you would have to set it up in ACS mode in order to define the roles on the ACS.
Additional information is available in Chapter 5 of the Common Services 3.0 Whitepaper:
http://www.cisco.com/application/pdf/en/us/guest/products/ps3996/c1244/cdccont_0900aecd802be11a.pdf
Discover and save your favorite ideas. Come back to expert answers, step-by-step guides, recent topics, and more.
New here? Get started with these tips. How to use Community New member guide