How do I set up authorization using TACACS ACL's on my Uplogix Control Center

 

 

Note: The Uplogix Control Center must be running a minimum of version 4.0 for the following procedure.

 

1) On your ACS, create a group for your users and then edit it by clicking Edit Settings.

 

2) Then edit that group to include the following options: Shell (exec) and Access control list. Add a list of groups that you wish your users to be a part of, and then click Submit + Restart.

NOTE: If you are using ACS Authorization with Cisco IOS, the access control list field requires numbers (that map to privilege levels in IOS) and will stop working if letters are used. If IOS will be using the same users / groups as your Uplogix products, you can create groups on the Control Center with the names 1, 2, etc. (Submitted by Ross V.)

3) Next, create a user, or edit an existing user.

 

4) Assign the user a password, and assign them to the group we created above. Then click Submit.

 

5) Now, in the Control Center, go to Administration -> Groups -> Create Group.

 

Create a group here to match the sub-group(s) in the Access Control List created on the ACS.

 

Click save.

 

6) In your inventory, assign the group privileges as appropriate.

 

7) Now, when that user logs into an appliance using their TACACS user ID, they

 

will be given privileges based on their TACACS ACL and the group

 

associated with it.

 

* Note: If you have a stand alone appliance then you must assign each role individually, you can add permissions globally, you must add each resource individually.

 

 

Last updated on 2016-02-29 20:55:53 UTC.
Was this article helpful?
0 out of 0 found this helpful
Have more questions? Submit a request

Comments