Home > Cisco > Control System > Cisco Acs 5x User Guide

Cisco Acs 5x User Guide

Here you can view all the pages of manual Cisco Acs 5x User Guide. The Cisco manuals for Control System are available online for free. You can easily download all the documents as PDF.

Overview View all the pages Comments

Page 251

9-21
User Guide for Cisco Secure Access Control System 5.3
OL-24201-01
Chapter 9      Managing Policy Elements
  Managing Authorizations and Permissions
Specifying RADIUS Attributes in Authorization Profiles
Use this tab to configure which RADIUS attributes to include in the Access-Accept packet for an 
authorization profile. This tab also displays the RADIUS attribute parameters that you choose in the 
Common Tasks tab.
Step 1Select Policy Elements > Authorization and Permissions > Network Access >...

Page 252

9-22
User Guide for Cisco Secure Access Control System 5.3
OL-24201-01
Chapter 9      Managing Policy Elements
  Managing Authorizations and Permissions
Step 3To configure:
Basic information of an authorization profile; see Specifying Authorization Profiles, page 9-19.
Common tasks for an authorization profile; see Specifying Common Attributes in Authorization 
Profiles, page 9-19.
RADIUS Attribute  Name of the RADIUS attribute. Click Select to choose a RADIUS attribute from the specified 
dictionary....

Page 253

9-23
User Guide for Cisco Secure Access Control System 5.3
OL-24201-01
Chapter 9      Managing Policy Elements
  Managing Authorizations and Permissions
Creating and Editing Security Groups
Use this page to view names and details of security groups and security group tags (SGTs), and to open 
pages to create, duplicate, and edit security groups.
When you create a security group, ACS generates a unique SGT. Network devices can query ACS for 
SGT information. The network device uses the SGT to tag, or...

Page 254

9-24
User Guide for Cisco Secure Access Control System 5.3
OL-24201-01
Chapter 9      Managing Policy Elements
  Managing Authorizations and Permissions
The Common Tasks tab allows you to select and configure the frequently used attributes for the profile. 
The attributes that are included here are those defined by the TACACS protocol draft specification that 
are specifically relevant to the shell service. However, the values can be used in the authorization of 
requests from other services.
The Custom...

Page 255

9-25
User Guide for Cisco Secure Access Control System 5.3
OL-24201-01
Chapter 9      Managing Policy Elements
  Managing Authorizations and Permissions
Defining General Shell Profile Properties
Use this page to define a shell profile’s general properties.
Step 1Select Policy Elements > Authorization and Permissions > Device Administration > Shell Profiles, 
then do one of the following:
Click Create.
Check the check box next to the shell profile that you want to duplicate and click Duplicate.
Click the...

Page 256

9-26
User Guide for Cisco Secure Access Control System 5.3
OL-24201-01
Chapter 9      Managing Policy Elements
  Managing Authorizations and Permissions
Table 9-9 Shell Profile: Common Tasks
Option Description
Privilege Level
Default Privilege (Optional) Enables the initial privilege level assignment that you allow for a client, through shell 
authorization. If disabled, the setting is not interpreted in authorization and permissions.
The Default Privilege Level specifies the default (initial) privilege...

Page 257

9-27
User Guide for Cisco Secure Access Control System 5.3
OL-24201-01
Chapter 9      Managing Policy Elements
  Managing Authorizations and Permissions
Step 3Click:
Submit to save your changes and return to the Shell Profiles page.
The General tab to configure the name and description for the authorization profile; see Defining 
General Shell Profile Properties, page 9-25.
The Custom Attributes tab to configure Custom Attributes for the authorization profile; see 
Defining Custom Attributes, page 9-28....

Page 258

9-28
User Guide for Cisco Secure Access Control System 5.3
OL-24201-01
Chapter 9      Managing Policy Elements
  Managing Authorizations and Permissions
Defining Custom Attributes
Use this tab to define custom attributes for the shell profile. This tab also displays the Common Tasks 
Attributes that you have chosen in the Common Tasks tab.
Step 1Edit the fields in the Custom Attributes tab as described in Ta b l e 9 - 1 0:
Step 2Click:
Submit to save your changes and return to the Shell Profiles page....

Page 259

9-29
User Guide for Cisco Secure Access Control System 5.3
OL-24201-01
Chapter 9      Managing Policy Elements
  Managing Authorizations and Permissions
After you create command sets, you can use them in authorizations and permissions within rule tables. 
A rule can contain multiple command sets. See Creating, Duplicating, and Editing a Shell Profile for 
Device Administration, page 9-23. 
NoteCommand sets support TACACS+ protocol attributes only.
To create, duplicate, or edit a new command set:
Step...

Page 260

9-30
User Guide for Cisco Secure Access Control System 5.3
OL-24201-01
Chapter 9      Managing Policy Elements
  Managing Authorizations and Permissions
Step 4Click Submit.
The command set is saved. The Command Sets page appears with the command set that you created or 
duplicated.
Table 9-11 Command Set Properties Page
Field Description
Name Name of the command set.
Description (Optional) The description of the command set.
Permit any 
command that is not 
in the table belowCheck to allow all commands...

Start reading Cisco Acs 5x User Guide

Related Manuals for Cisco Acs 5x User Guide

Cisco Acs 57 User Guide
584 pages | Cisco Control System

All Cisco manuals