Cisco Support Community
cancel
Showing results for 
Search instead for 
Did you mean: 
Announcements

Welcome to Cisco Support Community. We would love to have your feedback.

For an introduction to the new site, click here. If you'd prefer to explore, try our test area to get started. And see here for current known issues.

New Member

What privilege level is required...

We are looking to possibly delegate setting up AnyConnect to our Helpdesk (limited to ASDM, adding Apple UDIDs to a Access Policy.)  The question I have is what privilege level should be assigned that will allow them to add the UDID and limit (as much as possible) other changes?

Everyone's tags (3)
1 ACCEPTED SOLUTION

Accepted Solutions
Hall of Fame Super Silver

You will need to define local

You will need to define local command authorization at custom privilege level at a level between 1-15 and assign the necessary commands to it (e.g Access-list, Configure, cmd in your example). Then assign your Helpdesk usernames that privilege level.

I don't believe you can restrict which access-lists they can edit - that's outside the scope of what you can do with ASDM (or the cli). you'd have to move to CSM or an external portal with more role-based access control tools built-in to get that granular.

See this section of the ASDM Configuration Guide for details.

2 REPLIES
Hall of Fame Super Silver

You will need to define local

You will need to define local command authorization at custom privilege level at a level between 1-15 and assign the necessary commands to it (e.g Access-list, Configure, cmd in your example). Then assign your Helpdesk usernames that privilege level.

I don't believe you can restrict which access-lists they can edit - that's outside the scope of what you can do with ASDM (or the cli). you'd have to move to CSM or an external portal with more role-based access control tools built-in to get that granular.

See this section of the ASDM Configuration Guide for details.

New Member

Thanks, Marvin, that is very

Thanks, Marvin, that is very helpful.  Thank you for taking the time to answer.smiley

197
Views
0
Helpful
2
Replies