Cisco Systems 3.3 Manual De Usuario
7-25
User Guide for Cisco Secure ACS for Windows Server
78-16592-01
Chapter 7 User Management
Advanced User Authentication Settings
Before You Begin
•
For the TACACS+ service/protocol configuration to be displayed, a AAA
client must be configured to use TACACS+ as the security control protocol.
client must be configured to use TACACS+ as the security control protocol.
•
In the Advanced Options section of Interface Configuration, ensure that the
Per-user TACACS+/RADIUS Attributes check box is selected.
Per-user TACACS+/RADIUS Attributes check box is selected.
To configure TACACS+ settings for a user, follow these steps:
Step 1
Click Interface Configuration and then click TACACS+ (Cisco IOS). In the
TACACS+ Services table, under the heading User, ensure that the check box is
selected for each service/protocol you want to configure.
TACACS+ Services table, under the heading User, ensure that the check box is
selected for each service/protocol you want to configure.
Step 2
Perform Step 1 through Step 3 of
The User Setup Edit page opens. The username being added or edited is at the top
of the page.
of the page.
Step 3
Scroll down to the TACACS+ Settings table and select the bold service name
check box to enable that protocol; for example (PPP IP).
check box to enable that protocol; for example (PPP IP).
Step 4
To enable specific parameters within the selected service, select the check box
next to a specific parameter and then do one of the following, as applicable:
next to a specific parameter and then do one of the following, as applicable:
•
Select the Enabled check box.
•
Specify a value in the corresponding attribute box.
To specify ACLs and IP address pools, enter the name of the ACL or pool as
defined on the AAA client. Leave the box blank if the default (as defined on
the AAA client) should be used. For more information about attributes, see
defined on the AAA client. Leave the box blank if the default (as defined on
the AAA client) should be used. For more information about attributes, see
, or your AAA client
documentation. For information on assigning a IP ACL, see
.
Tip
An ACL is a list of Cisco IOS commands used to restrict access to or from
other devices and users on the network.
other devices and users on the network.
Step 5
To employ custom attributes for a particular service, select the Custom attributes
check box under that service, and then specify the attribute/value in the box below
the check box.
check box under that service, and then specify the attribute/value in the box below
the check box.