beautypg.com

Cisco 3.3 User Manual

Page 799

background image

F-13

User Guide for Cisco Secure ACS for Windows Server

78-16592-01

Appendix F RDBMS Synchronization Import Definitions

Action Codes

270

SET_DCS_TYPE

UN|GN,
VN,V1,
Optional-
ly V2

Sets the type of device command set (DCS)
authorization for a group or user.

VN defines the service. Valid service types are:

shell—Cisco IOS shell command authorization.

pixshell—Cisco PIX command authorization.

Note

If additional DCS types have been added to
your Cisco Secure ACS, you can find the valid
value in the Interface Configuration page for
TACACS+ (Cisco IOS). The valid values
appear in parentheses after the service title,
such as

PIX Shell (pixshell)

.

V1 defines the assignment type. The valid values for
VN are:

none—Sets no DCS for the user or group.

as group—For users only, this value signifies that
the user DCS settings for the service specified
should be the same as the user group DCS settings.

static—Sets a DCS for the user or group for all
devices enabled to perform command authorization
for the service specified.

If V1 is set to static, V2 is required and must
contain the name of the DCS to assign to the user
or group for the given service.

ndg—Specifies that command authorization for the
user or group is to be done on a per-NDG basis. Use
action 271 to add DCS to NDG mappings for the
user or group.

Note

Changing a user or group assignment type (V1)
results in clearing previous data, including
NDG to DCS mappings (defined by action 271).

Table F-3

User Creation and Modification Action Codes (continued)

Action
Code

Name

Required

Description