Configuring ietf radius settings for a user group – Cisco 3.3 User Manual

Chapter 6 User Group Management

Configuration-specific User Group Settings

6-38

User Guide for Cisco Secure ACS for Windows Server

78-16592-01

Step 5

To prevent the application of any command authorization set for the applicable
device-management application, select the None option.

Step 6

To assign a particular command authorization set that affects device-management
application actions on any network device, follow these steps:

a.

Select the Assign a device-management application for any network device
option.

b.

Then, from the list directly below that option, select the command
authorization set you want applied to this group.

Step 7

To create associations that assign a particular command authorization set that
affects device-management application actions on a particular NDG, for each
association, follow these steps:

a.

Select the Assign a device-management application on a per Network Device
Group Basis option.

b.

Select a Device Group and a corresponding device-management
application.

c.

Click Add Association.

The associated NDG and command authorization set appear in the table.

Configuring IETF RADIUS Settings for a User Group

These parameters appear only when both the following are true:

•

A AAA client has been configured to use one of the RADIUS protocols in
Network Configuration.

•

Group-level RADIUS attributes have been enabled on the RADIUS (IETF)
page in the Interface Configuration section of the HTML interface.

RADIUS attributes are sent as a profile for each user from Cisco Secure ACS to
the requesting AAA client. To display or hide any of these attributes, see

Protocol

Configuration Options for RADIUS, page 3-11

. For a list and explanation of

RADIUS attributes, see

Appendix C, “RADIUS Attributes”

. For more

information about how your AAA client uses RADIUS, refer to your AAA client
vendor documentation.