Cisco Systems 3.3 Manual De Usuario
Chapter 1 Overview
AAA Server Functions and Concepts
1-20
User Guide for Cisco Secure ACS for Windows Server
78-16592-01
AAA client that uses TACACS+. Also, you must provide the device-management
application with a valid administrator name and password. When a management
application initially communicates with Cisco Secure ACS, these requirements
ensure the validity of the communication. For information about configuring a
AAA client, see
application with a valid administrator name and password. When a management
application initially communicates with Cisco Secure ACS, these requirements
ensure the validity of the communication. For information about configuring a
AAA client, see
. For information about
administrator accounts, see
Additionally, the administrator used by the management application must have the
Create New Device Command Set Type privilege enabled. When a management
application initially communicates with Cisco Secure ACS, it dictates to
Cisco Secure ACS the creation of a device command set type, which appears in
the Shared Profile Components section of the HTML interface. It also dictates a
custom service to be authorized by TACACS+. The custom service appears on the
TACACS+ (Cisco IOS) page in the Interface Configuration section of the HTML
interface. For information about enabling TACACS+ services, see
Create New Device Command Set Type privilege enabled. When a management
application initially communicates with Cisco Secure ACS, it dictates to
Cisco Secure ACS the creation of a device command set type, which appears in
the Shared Profile Components section of the HTML interface. It also dictates a
custom service to be authorized by TACACS+. The custom service appears on the
TACACS+ (Cisco IOS) page in the Interface Configuration section of the HTML
interface. For information about enabling TACACS+ services, see
. For information about device
command-authorization sets for management applications, see
After the management application has dictated the custom TACACS+ service and
device command-authorization set type to Cisco Secure ACS, you can configure
command-authorization sets for each role supported by the management
application and apply those sets to user groups that contain network
administrators or to individual users who are network administrators. For
information about configuring a command-authorization set, see
device command-authorization set type to Cisco Secure ACS, you can configure
command-authorization sets for each role supported by the management
application and apply those sets to user groups that contain network
administrators or to individual users who are network administrators. For
information about configuring a command-authorization set, see
. For information about applying a shared
device command-authorization set to a user group, see
. For
information about applying a shared device command-authorization set to a user,
see
see
.