Cisco Support Community
cancel
Showing results for 
Search instead for 
Did you mean: 
Announcements

Welcome to Cisco Support Community. We would love to have your feedback.

For an introduction to the new site, click here. And see here for current known issues.

New Member

Cisco Security Manager - AD Integration

I have a customer that I just installed CSM 3.2.1 SP1 for they chose the AAA model of MS Active Directory. Question is how do you setup any roles or groups in CSM so, when a person logs in they get a specific role.

2 REPLIES
New Member

Re: Cisco Security Manager - AD Integration

You will have to create the user accounts locally on the CSM and assign them the corresponding priviledges manually. If you would like to assign the priviledges dynamicly from the ADS, then you need to integrate an ACS.

Just a short excerpt from the manual:

http://www.cisco.com/en/US/docs/net_mgmt/ciscoworks_common_services_software/3.2/user/guide/admin.html#wp618133

The CiscoWorks Server determines user roles. Therefore, all users must be in the local database of user IDs and passwords. Users who are authenticated by an alternative service and who are not in the local database are assigned to the same role as the guest user (by default, the Help Desk role).

If you configure Common Services to use Non-ACS for authentication, authorization services are provided by CiscoWorks Server.

In Non-ACS mode, you cannot change the roles, or the privileges assigned to these roles. However, a user can be assigned a combination of these roles. See Modifying Your Profile.

When the login module is ACS, both authentication and authorization takes place from ACS. Hence it is not mandatory that the user be present in the local database. The user roles will be as assigned in ACS.

New Member

Re: Cisco Security Manager - AD Integration

From Security Manager, select Tools > Security Manager Administration > Server Security, then click Local User Setup.

Do one of the following:

•To create a new user, click Add and enter the user name, password, and e-mail address.

•To change the roles of an existing user, select the check box next to the user and click Edit.

Step 3 Click OK to save your changes.

Step 4 Restart Security Manager.

This will create a user and assign a role to it locally.

There is no documentation of support for Active Directory in CSM

1076
Views
0
Helpful
2
Replies