Cisco 3.3 User Manual
Page 271
7-25
User Guide for Cisco Secure ACS for Windows Server
78-16592-01
Chapter 7 User Management
Advanced User Authentication Settings
Before You Begin
•
For the TACACS+ service/protocol configuration to be displayed, a AAA
client must be configured to use TACACS+ as the security control protocol.
•
In the Advanced Options section of Interface Configuration, ensure that the
Per-user TACACS+/RADIUS Attributes check box is selected.
To configure TACACS+ settings for a user, follow these steps:
Step 1
Click Interface Configuration and then click TACACS+ (Cisco IOS). In the
TACACS+ Services table, under the heading User, ensure that the check box is
selected for each service/protocol you want to configure.
Step 2
Perform Step 1 through Step 3 of
Adding a Basic User Account, page 7-4
The User Setup Edit page opens. The username being added or edited is at the top
of the page.
Step 3
Scroll down to the TACACS+ Settings table and select the bold service name
check box to enable that protocol; for example (PPP IP).
Step 4
To enable specific parameters within the selected service, select the check box
next to a specific parameter and then do one of the following, as applicable:
•
Select the Enabled check box.
•
Specify a value in the corresponding attribute box.
To specify ACLs and IP address pools, enter the name of the ACL or pool as
defined on the AAA client. Leave the box blank if the default (as defined on
the AAA client) should be used. For more information about attributes, see
Appendix B, “TACACS+ Attribute-Value Pairs”
, or your AAA client
documentation. For information on assigning a IP ACL, see
Downloadable IP ACL to a User, page 7-21
Tip
An ACL is a list of Cisco IOS commands used to restrict access to or from
other devices and users on the network.
Step 5
To employ custom attributes for a particular service, select the Custom attributes
check box under that service, and then specify the attribute/value in the box below
the check box.