Cisco Systems Servers Manuale Utente

7-39

Cisco Secure ACS 3.0 for Windows 2000/NT Servers User Guide

78-13751-01, Version 3.0

Chapter 7 Setting Up and Managing User Accounts

Advanced User Authentication Settings

To configure and enable Cisco IOS RADIUS attributes to be applied as an
authorization for the current user, follow these steps:

Step 1

Perform Steps 1 through 3 of the

“Adding a Basic User Account” section on

page 7-5

Result: The User Setup Edit page opens. The username being added or edited
appears at the top of the page.

Step 2

Before configuring Cisco IOS RADIUS attributes, be sure your IETF RADIUS
attributes are configured properly. For more information about setting IETF
RADIUS attributes, see the

“Setting IETF RADIUS Parameters for a User”

section on page 7-37

Step 3

In the Cisco IOS/PIX RADIUS Attributes table, to specify the attributes to be
authorized for the user, follow these steps:

Select the [009\001] cisco-av-pair attribute check box.

Type the commands (such as TACACS+ commands) to be packed as a
RADIUS VSA.

Continue to select and define attributes, as applicable.

Step 4

Do one of the following:

If you are finished configuring the user account options, click Submit to
record the options.

To continue to specify the user account options, perform other procedures in
this chapter, as applicable.

Setting Ascend RADIUS Parameters for a User

The Ascend RADIUS parameters appear only if all the following are true:

•

A AAA client has been configured to use RADIUS (Ascend) in Network
Configuration.

•

The Per-user TACACS+/RADIUS Attributes check box is selected under
Advanced Options in the Interface Configuration section.

•

User-level RADIUS (Ascend) attributes you intend to apply have been
enabled under RADIUS (Ascend) in the Interface Configuration section.