Техническая Инструкция для Cisco Cisco Identity Services Engine Software
Contents
Introduction
Prerequisites
Requirements
Components Used
Configure
Network Diagram
Configurations
Configure ISE for Authentication and Authorization
Join ISE 2.0 to Active Directory
Add Network Device
Enable Device Admin Service
Configuring TACACS Command Sets
Configuring TACACS Profile
Configuring TACACS Authorization Policy
Configure the Cisco IOS Router for Authentication and Authorization
Verify
Cisco IOS Router Verification
ISE 2.0 Verification
Troubleshoot
Related Information
Related Cisco Support Community Discussions
Introduction
This document describes how to configure TACACS+ Authentication and Command Authorization
based on Microsoft Active Directory (AD) group membership of a user with Identity Service Engine
(ISE) 2.0 and later. ISE uses AD as an external identity store to store resources such as users,
machines, groups, and attributes.
based on Microsoft Active Directory (AD) group membership of a user with Identity Service Engine
(ISE) 2.0 and later. ISE uses AD as an external identity store to store resources such as users,
machines, groups, and attributes.
Prerequisites
Requirements
Cisco recommends that you have knowledge of these topics:
IOS Router is fully operational
●
Connectivity between Router and ISE.
●
ISE Server is bootstrapped and has connectivity to Microsoft AD
●
Components Used
The information in this document is based on these software and hardware versions: