Cisco Support Community
cancel
Showing results for 
Search instead for 
Did you mean: 
Announcements

Welcome to Cisco Support Community. We would love to have your feedback.

For an introduction to the new site, click here. And see here for current known issues.

New Member

Tacacs + CiscoWorks + Group Authentication

I have several AD users that login to Ciscoworks via Tacacs Authentication.

however, they do not have the access (system administrator) that I've specified in Tacacs for Group Authentication.

Users haven't been created on the Ciscoworks server, they only exist on Tacacs.

Do I have to create individual users on the the CW server, or switch to ACS mode on CW? Or should it work as is, and something is awry?

Thanks.

3 REPLIES
Red

Re: Tacacs + CiscoWorks + Group Authentication

If you are using LMS 2.5, then something is awry.

Previous versions of CiscoWorks used ACS simply for Authentication. If you wanted to provide more than guest access, then you needed to create the user in CiscoWorks and provide the proper role.

New Member

Re: Tacacs + CiscoWorks + Group Authentication

so LMS 2.5 using NON-ACS mode and tacacs+ authentication should work?

Red

Re: Tacacs + CiscoWorks + Group Authentication

Actually, LMS 2.5 using NON-ACS mode and tacacs+ authentication would work the same way as LMS 2.2

If you are on LMS 2.5, then you would have to set it up in ACS mode in order to define the roles on the ACS.

Additional information is available in Chapter 5 of the Common Services 3.0 Whitepaper:

http://www.cisco.com/application/pdf/en/us/guest/products/ps3996/c1244/cdccont_0900aecd802be11a.pdf

391
Views
4
Helpful
3
Replies
CreatePlease login to create content