Cisco 3.3 User Manual
Page 225
6-35
User Guide for Cisco Secure ACS for Windows Server
78-16592-01
Chapter 6 User Group Management
Configuration-specific User Group Settings
Tip
To enter several commands, you must click Submit after specifying a
command. A new command entry box appears below the box you just
completed.
Configuring a PIX Command Authorization Set for a User Group
Use this procedure to specify the PIX command authorization set parameters for
a user group. There are three options:
•
None—No authorization for PIX commands.
•
Assign a PIX Command Authorization Set for any network device—One
PIX command authorization set is assigned, and it applies all network
devices.
•
Assign a PIX Command Authorization Set on a per Network Device
Group Basis—Particular PIX command authorization sets are to be effective
on particular NDGs.
Before You Begin
•
Ensure that a AAA client has been configured to use TACACS+ as the
security control protocol.
•
On the TACACS+ (Cisco) page of Interface Configuration section, ensure
that the PIX Shell (pixShell) option is selected in the Group column.
•
Make sure that you have already configured one or more PIX command
authorization sets. For detailed steps, see
Adding a Command Authorization
.
To specify PIX command authorization set parameters for a user group, follow
these steps:
Step 1
In the navigation bar, click Group Setup.
The Group Setup Select page opens.
Step 2
From the Group list, select a group, and then click Edit Settings.
The Group Settings page displays the name of the group at its top.