[c-nsp] Privilege levels and Secure ACS
Kim Onnel
karim.adel at gmail.com
Mon Jul 4 10:38:51 EDT 2005
Hi,
I want to differentiate NOC privileges from core engineers when working on
the routers.
We are using Cisco secure ACS 3.1, i quickly looked at old documentations,
but all i get is how to do it on the CLI, which if i understand correctly is
troublesome, i want the noc users to be able to show running-config, clear,
reload, ... and all the arguments for these commands, i used * and it worked
for all commands except for "sh run", i found my self having to add alot of
things.
privilege exec level 2 reload
privilege exec level 2 show running-config
privilege exec level 2 show
privilege exec level 2 clear ip route *
privilege exec level 2 clear ip route
privilege exec level 2 clear ip
privilege exec level 2 clear interface
privilege exec level 2 clear
And since i have ACS, i want to do it centralized on the ACS, is there any
new features i should be aware of, new stuff in ACS 3.3 or new IOS features
related.
Any guide on how to do it on ACS, tricks?
Regards
More information about the cisco-nsp
mailing list