I have a customer that I just installed CSM 3.2.1 SP1 for they chose the AAA model of MS Active Directory. Question is how do you setup any roles or groups in CSM so, when a person logs in they get a specific role.
You will have to create the user accounts locally on the CSM and assign them the corresponding priviledges manually. If you would like to assign the priviledges dynamicly from the ADS, then you need to integrate an ACS.
The CiscoWorks Server determines user roles. Therefore, all users must be in the local database of user IDs and passwords. Users who are authenticated by an alternative service and who are not in the local database are assigned to the same role as the guest user (by default, the Help Desk role).
If you configure Common Services to use Non-ACS for authentication, authorization services are provided by CiscoWorks Server.
In Non-ACS mode, you cannot change the roles, or the privileges assigned to these roles. However, a user can be assigned a combination of these roles. See Modifying Your Profile.
When the login module is ACS, both authentication and authorization takes place from ACS. Hence it is not mandatory that the user be present in the local database. The user roles will be as assigned in ACS.
Table of ContentsIntroductionVersion HistoryPossible Future
UpdatesDocuments PurposeNAT Operation in ASA 8.3+ SectionsRule Types
Network Object NATTwice NAT / Manual NATRule Types used per SectionNAT
Types used with Twice NAT / Manual NAT and Network Obje...
Table of Contents Introduction:This document describes details on how
NAT-T works. Background: ESP encrypts all critical information,
encapsulating the entire inner TCP/UDP datagram within an ESP header.
ESP is an IP protocol in the same sense that TCP an...