Cisco Systems OL-24201-01 Camera Accessories User Manual


 
9-24
User Guide for Cisco Secure Access Control System 5.3
OL-24201-01
Chapter 9 Managing Policy Elements
Managing Authorizations and Permissions
The Common Tasks tab allows you to select and configure the frequently used attributes for the profile.
The attributes that are included here are those defined by the TACACS protocol draft specification that
are specifically relevant to the shell service. However, the values can be used in the authorization of
requests from other services.
The Custom Attributes tab allows you to configure additional attributes. Each definition consists of the
attribute name, an indication of whether the attribute is mandatory or optional, and the value for the
attribute. Custom attributes can be defined for nonshell services.
For a description of the attributes that you specify in shell profiles, see Cisco IOS documentation for the
specific release of Cisco IOS software that is running on your AAA clients.
After you create shell profiles and command sets, you can use them in authorization and permissions
within rule tables.
You can duplicate a shell profile if you want to create a new shell profile that is the same, or similar to,
an existing shell profile.
After duplication is complete, you access each shell profile (original and duplicated) separately to edit
or delete them.
To create, duplicate, or edit a shell profile:
Step 1 Select Policy Elements > Authorization and Permissions > Device Administration > Shell Profiles.
The Shell Profiles page appears.
Step 2 Do one of the following:
Click Create.
Check the check box next to the shell profile that you want to duplicate and click Duplicate.
Click the name that you want to modify; or, check the check box next to the name that you want to
modify and click Edit.
The Shell Profile Properties page General tab appears.
Step 3 Enter valid configuration data in the required fields in each tab. As a minimum configuration, you must
enter a unique name for the shell profile; all other fields are optional. See:
Defining General Shell Profile Properties, page 9-25
Defining Common Tasks, page 9-25
Defining Custom Attributes, page 9-28
Step 4 Click Submit.
The shell profile is saved. The Shell Profiles page appears with the shell profile that you created or
duplicated.
Related Topics
Creating, Duplicating, and Editing Authorization Profiles for Network Access, page 9-18
Creating, Duplicating, and Editing Command Sets for Device Administration, page 9-28
Deleting an Authorizations and Permissions Policy Element, page 9-32
Configuring Shell/Command Authorization Policies for Device Administration, page 10-34