6-33
Cisco Secure ACS 3.0 for Windows 2000/NT Servers User Guide
78-13751-01, Version 3.0
Chapter 6 Setting Up and Managing User Groups
Configuration-specific User Group Settings
Before You Begin
• Ensure that a AAA client has been configured to use TACACS+ as the
security control protocol.
• In the TACACS+ (Cisco) section of Interface Configuration, ensure that the
PIX Shell (pixShell) option is selected in the Group column.
• Ensure that you have previously configured one or more PIX command
authorization sets. For detailed steps, see the “Command Authorization Sets
Configuration” section on page 5-14.
To specify PIX command authorization set parameters for a user group, follow
these steps:
Step 1 In the navigation bar, click Group Setup.
Result: The Group Setup Select page opens.
Step 2 From the Group list, select a group, and then click Edit Settings.
Result: The Group Settings page displays the name of the group at its top.
Step 3 From the Jump To list at the top of the page, choose TACACS+.
Result: The system displays the TACACS+ Settings table section.
Step 4 Scroll down to the PIX Command Authorization Set feature area within the
TACACS+ Settings table.
Step 5 To prevent the application of any PIX command authorization set, select (or
accept the default of) the None option.
Step 6 To assign a particular PIX command authorization set to be effective on any
configured network device, follow these steps:
a. Select the Assign a PIX Command Authorization Set for any network
device option.
b. From the list directly below that option, select the PIX command
authorization set you want applied to this user group.
