Cisco 3.3 User Manual
Page 799
F-13
User Guide for Cisco Secure ACS for Windows Server
78-16592-01
Appendix F RDBMS Synchronization Import Definitions
Action Codes
270
SET_DCS_TYPE
UN|GN,
VN,V1,
Optional-
ly V2
Sets the type of device command set (DCS)
authorization for a group or user.
VN defines the service. Valid service types are:
•
shell—Cisco IOS shell command authorization.
•
pixshell—Cisco PIX command authorization.
Note
If additional DCS types have been added to
your Cisco Secure ACS, you can find the valid
value in the Interface Configuration page for
TACACS+ (Cisco IOS). The valid values
appear in parentheses after the service title,
such as
PIX Shell (pixshell)
.
V1 defines the assignment type. The valid values for
VN are:
•
none—Sets no DCS for the user or group.
•
as group—For users only, this value signifies that
the user DCS settings for the service specified
should be the same as the user group DCS settings.
•
static—Sets a DCS for the user or group for all
devices enabled to perform command authorization
for the service specified.
If V1 is set to static, V2 is required and must
contain the name of the DCS to assign to the user
or group for the given service.
•
ndg—Specifies that command authorization for the
user or group is to be done on a per-NDG basis. Use
action 271 to add DCS to NDG mappings for the
user or group.
Note
Changing a user or group assignment type (V1)
results in clearing previous data, including
NDG to DCS mappings (defined by action 271).
Table F-3
User Creation and Modification Action Codes (continued)
Action
Code
Name
Required
Description