[c-nsp] Radius Nexus 5k permissions
Scott Voll
svoll.voip at gmail.com
Thu Feb 14 17:48:11 EST 2013
Thanks all..... ended up being shell:roles="network-admin" This was for
ISE1.1.2 and Nexus 5k
Thanks
Scott
On Thu, Feb 14, 2013 at 12:59 PM, James Slepicka (c-nsp) <
cisco-nsp at slepicka.net> wrote:
> >> I think the AV-Pair was something like "shell:role=network admin" or
> whichever role you want assigned to that user.
> I'm using:
>
> shell:roles=network-admin
>
> I seem to recall shell:role not working (though that may've been w/ MDS
> gear)
>
> -----Original Message-----
> From: cisco-nsp-bounces at puck.nether.net [mailto:
> cisco-nsp-bounces at puck.nether.net] On Behalf Of Eric Girard
> Sent: Thursday, February 14, 2013 1:18 PM
> To: Scott Voll; cisco-nsp at puck.nether.net
> Subject: Re: [c-nsp] Radius Nexus 5k permissions
>
> -----Original Message-----
> >I have Radius setup on my Nexus 5k but I don't have permissions to copy
> run start. What is needed on the radius server?
>
> >I already have priv level 15.
>
> I don't have access to check on the systems that I did this on recently,
> but I recall that by default the Nexus does not pay attention to the
> :shell:priv-lvl" Cisco AV-Pair. Since the Nexus uses RBAC by default, I
> think the AV-Pair was something like "shell:role=network admin" or
> whichever role you want assigned to that user. Hope that helps,
>
> Eric
>
>
> _______________________________________________
> cisco-nsp mailing list cisco-nsp at puck.nether.net
> https://puck.nether.net/mailman/listinfo/cisco-nsp
> archive at http://puck.nether.net/pipermail/cisco-nsp/
>
More information about the cisco-nsp
mailing list