Chapter 9 Managing Policy Elements

Managing Authorizations and Permissions

Table 9-9  Shell Profile: Common Tasks

Option           Description
Timeout          (Optional) Choose Static to enable and specify, in minutes, the duration of the allowed timeout in the value field. The valid range is from 0 to 999. Choose Dynamic to select an attribute from a dynamic ACS dictionary as a substitute attribute.
Idle Time        (Optional) Choose Static to enable and specify, in minutes, the duration of the allowed idle time in the value field. The valid range is from 0 to 999. Choose Dynamic to select an attribute from a dynamic ACS dictionary as a substitute attribute.
Callback Line    (Optional) Choose Static to enable and specify the callback phone line in the value field. Choose Dynamic to select an attribute from a dynamic ACS dictionary as a substitute attribute.
Callback Rotary  (Optional) Choose Static to enable and specify the callback rotary phone line in the value field. Choose Dynamic to select an attribute from a dynamic ACS dictionary as a substitute attribute.

Step 3 Click:

- Submit to save your changes and return to the Shell Profiles page.
- The General tab to configure the name and description for the authorization profile; see Defining General Shell Profile Properties, page 9-25.
- The Custom Attributes tab to configure Custom Attributes for the authorization profile; see Defining Custom Attributes, page 9-28.

To substitute the static value of a TACACS+ attribute with a value of another attribute from one of the listed dynamic dictionaries, complete the following steps.

Step 1 Select System Administration > Configuration > Dictionaries > Identity > Internal Users to add attributes to the Internal Users Dictionary.

Step 2 Select Policy Elements > Authorization and Permissions > Device Administration > Shell Profiles to create a Shell Profile.

Step 3 Select the Custom Attributes tab to create a new attribute, choose Dynamic as the Attribute Value, and correlate it to the attribute created in the Internal Users Dictionary.

Step 4 Create a new rule in Access Policies > Access Services > Default Device Admin > Authorization and, under Results, choose the Shell Profile you created.

After authorization, the response shows the dynamic attribute value from the Internal ID Store.
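
The substitution above, sketched as an added audit example (not Cisco ACS code and not part of the original guide): it resolves static and dynamic shell-profile values into TACACS+ attribute-value pairs and checks Timeout and Idle Time against the 0 to 999 range from Table 9-9. The dictionary attributes UserTimeout and UserIdle, the sample users, and the resolution logic are assumptions.

```python
# Added illustration: audits static vs. dynamic shell-profile values.
# Not Cisco ACS code; names and the resolution logic are assumptions.

VALID_MINUTES = range(0, 1000)  # Table 9-9: valid range is 0 to 999

# Constructed sample of the Internal Users identity store. "UserTimeout" and
# "UserIdle" are hypothetical attributes added to the Internal Users Dictionary.
INTERNAL_USERS = {
    "alice": {"UserTimeout": "30", "UserIdle": "10"},
    "bob": {"UserTimeout": "0", "UserIdle": "5"},
    "carol": {"UserTimeout": "1440"},
}

# Constructed shell profile: ("static", value) or ("dynamic", dictionary attribute).
PROFILE = {
    "timeout": ("dynamic", "UserTimeout"),
    "idletime": ("dynamic", "UserIdle"),
    "callback-line": ("static", "4"),
}


def resolve(profile, user):
    """Return (av_pairs, findings) for one user's authorization response."""
    record = INTERNAL_USERS.get(user, {})
    av_pairs, findings = [], []
    for name, (kind, ref) in profile.items():
        # Static values come from the profile, dynamic ones from the user record.
        value = ref if kind == "static" else record.get(ref)
        if value is None:
            findings.append(f"{name}: user has no value for {ref}")
            continue
        if name in ("timeout", "idletime"):
            if not value.isdecimal() or int(value) not in VALID_MINUTES:
                findings.append(f"{name}: {value!r} is outside 0-999")
                continue
            if int(value) == 0:
                # RFC 8907: zero means no timeout for these arguments.
                findings.append(f"{name}: 0 disables the timer")
        av_pairs.append(f"{name}={value}")
    return av_pairs, findings


if __name__ == "__main__":
    for user in INTERNAL_USERS:
        print(user, *resolve(PROFILE, user))
```

Because a dynamic value is set per user, one record holding 0 or an out-of-range number changes session limits for that user only, so a check like this belongs wherever Internal Users attributes are edited.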

Related Topics

Defining Custom Attributes, page 9-28

Configuring Shell/Command Authorization Policies for Device Administration, page 10-34

 

 

User Guide for Cisco Secure Access Control System 5.3

OL-24201-01