Chapter 10 Managing Access Policies

Configuring Access Service Policies

Configuring Device Administration Authorization Policies

A device administration authorization policy determines the authorizations and permissions for network administrators.

You create an authorization policy during access service creation. See Configuring General Access Service Properties, page 10-13, for details of the Access Service Create page.

Use this page to:

View rules.

Delete rules.

Open pages that enable you to create, duplicate, edit, and customize rules.

 

Select Access Policies > Access Services > service > Authorization.

 

The Device Administration Authorization Policy page appears as described in Table 10-17.

Table 10-17 Device Administration Authorization Policy Page

| Option | Description |
| --- | --- |
| Status | Rule statuses are: Enabled—The rule is active. Disabled—ACS does not apply the results of the rule. Monitor—The rule is active, but ACS does not apply the results of the rule. Results such as hit count are written to the log, and the log entry includes an identification that the rule is monitor only. The monitor option is especially useful for watching the results of a new rule. |
| Name | Name of the rule. |
| Conditions | Conditions that define the scope of the rule. To change the types of conditions that the rule uses, click the Customize button. You must have previously defined the conditions that you want to use. |
| Results | Displays the shell profiles and command sets that will be applied when the corresponding rule is matched. You can customize rule results; a rule can apply shell profiles, or command sets, or both. The columns that appear reflect the customization settings. |
| Hit Count | Number of times that the rule is matched. Click the Hit Count button to refresh and reset this column. |
| Default Rule | ACS applies the Default rule when: enabled rules are not matched; no other rules are defined. Click the link to edit the Default Rule. You can edit only the results of the Default Rule; you cannot delete, disable, or duplicate it. |
| Customize button | Opens the Customize page in which you choose the types of conditions and results to use in policy rules. The Conditions and Results columns reflect your customized settings. Caution: If you remove a condition type after defining rules, you will lose any conditions that you configured for that condition type. |
| Hit Count button | Opens a window that enables you to reset and refresh the Hit Count display in the Policy page. See Displaying Hit Counts, page 10-10. |
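The following Python model is an added illustration, not taken from this guide or from ACS itself. It shows how the three rule statuses and the Default Rule in Table 10-17 interact: a request that matches only a Monitor or Disabled rule receives the Default Rule's results. It assumes top-down, first-match evaluation and that evaluation continues past a matching Monitor rule; the rule names, groups, shell profiles and command sets are constructed.

```python
from dataclasses import dataclass, field
from typing import Callable

@dataclass
class Rule:
    name: str
    status: str                         # "Enabled", "Disabled" or "Monitor"
    condition: Callable[[dict], bool]   # scope of the rule
    results: dict                       # shell profile and/or command sets
    hit_count: int = 0

@dataclass
class AuthorizationPolicy:
    rules: list
    default_results: dict               # the Default Rule has results only
    default_hits: int = 0
    log: list = field(default_factory=list)

    def evaluate(self, request: dict) -> dict:
        # Assumption: rules are checked top-down and the first enabled match wins.
        for rule in self.rules:
            if rule.status == "Disabled" or not rule.condition(request):
                continue
            rule.hit_count += 1
            if rule.status == "Monitor":
                # Matched, but results are not applied; log and keep evaluating.
                self.log.append(f"{request['user']}: {rule.name} (monitor only)")
                continue
            self.log.append(f"{request['user']}: {rule.name}")
            return rule.results
        # No enabled rule matched (or no rules are defined): Default Rule applies.
        self.default_hits += 1
        self.log.append(f"{request['user']}: Default")
        return self.default_results

def build_sample_policy() -> AuthorizationPolicy:
    # Constructed rule names, groups, shell profiles and command sets.
    deny = {"shell_profile": "DenyAccess", "command_sets": []}
    read_only = {"shell_profile": "ReadOnly", "command_sets": ["ShowOnly"]}
    full = {"shell_profile": "Priv15", "command_sets": ["AllCommands"]}
    return AuthorizationPolicy(
        rules=[
            Rule("Helpdesk", "Enabled", lambda r: r["group"] == "helpdesk", read_only),
            Rule("Contractors", "Monitor", lambda r: r["group"] == "contractors", full),
            Rule("LegacyAdmins", "Disabled", lambda r: r["group"] == "netadmins", full),
        ],
        default_results=deny,
    )
```

Calling `build_sample_policy().evaluate({"user": "bob", "group": "contractors"})` returns the Default Rule's results while the Monitor rule's hit count and log entry still record the match.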

 

 

User Guide for Cisco Secure Access Control System 5.3


OL-24201-01
