01-24-2007 08:51 PM - edited 02-21-2020 10:17 AM
Hi!
We are planning to implement such a solution (see the title). The task is to provide users with different levels of permissions (i.e to restrict access of administrator from one region to device in another region).
The problem is that we also need to prevent regional administrators from editing GLOBAL network/host, service and service group objects. At the same time we need to allow regional admins to edit LOCAL object groups.
And the question is: how can we implement such a mechanism (assuming that the regional admins' roles allow to modify objects)? Is that behaviour enabled in CSM (like it is enabled in VMS)?
Regards, Amir
PS. Sorry for my possible bad English.
02-01-2007 07:14 AM
This chapter describes how to troubleshoot common problems that could occur because of the way Security Manager and Cisco Secure ACS interact.
http://www.cisco.com/en/US/products/ps6498/prod_troubleshooting_guide_chapter09186a00806e23e3.html
09-20-2013 02:04 AM
Hello,
Please go through the document for Cisco Security Manager - Integration with ACS.
Discover and save your favorite ideas. Come back to expert answers, step-by-step guides, recent topics, and more.
New here? Get started with these tips. How to use Community New member guide