Radius

Chapter 2 Migrating from ACS 4.x to ACS 5.3

Functionality Mapping from ACS 4.x to ACS 5.3

Table 2-1	Functionality Mapping from ACS 4.x to ACS 5.3 (continued)

To configure...		In ACS 4.x, choose...		In ACS 5.3, choose...	Additional information for 5.3

Command sets (command		One of the following:		Policy Elements > Authorization	You can add command sets as
authorization sets)		•	Shared Profile	and Permissions > Device	results in authorization policy
		•	Shared Profile	Administration > Command Set	rules in a device administration
			Components >	Administration > Command Set	rules in a device administration
			Components >		access service.
			Command	See Creating, Duplicating, and	access service.
			Command	See Creating, Duplicating, and
			Authorization Set	Editing Command Sets for
		•	User Setup page	Device Administration,
		•	User Setup page	page 9-28.
		•	Group Setup page	page 9-28.
		•	Group Setup page

Shell exec parameters		User Setup page		System Administration >	Defined identity attribute fields
				Dictionaries > Identity >	appear in the User Properties
				Internal Users	page.
				See Managing Dictionaries,	You can use them as conditions
				page 18-5.	in access service policies.

Shell profiles (shell exec		Group Setup page		Policy Elements > Authorization	You can add shell profiles as
parameters or shell command				and Permissions > Device	results in authorization policy
authorization sets)				Administration > Shell Profile	rules in a device administration
				See Creating, Duplicating, and	access service.
				See Creating, Duplicating, and
				Editing a Shell Profile for
				Device Administration,
				page 9-23.

Date and time condition (Time		Group Setup page		Policy Elements > Session	You can add date and time
of Day Access)				Conditions > Date and Time	conditions to a policy rule in the
You cannot migrate the date				See Creating, Duplicating, and	Service Selection policy or in an
You cannot migrate the date				See Creating, Duplicating, and	authorization policy in an access
and time conditions. You have				Editing a Date and Time	authorization policy in an access
and time conditions. You have				Editing a Date and Time	service.
to recreate them in ACS 5.3.				Condition, page 9-3.	service.
to recreate them in ACS 5.3.				Condition, page 9-3.

RADIUS Attributes		One of the following:		Policy Elements > Authorization	You configure RADIUS
		•	Shared Profile	and Permissions > Network	attributes as part of a network
		•	Shared Profile	Access > Authorization Profile >	access authorization profile.
			Components >	Access > Authorization Profile >	access authorization profile.
			Components >	Common Tasks tab
			RADIUS	Common Tasks tab	You can add authorization
			RADIUS		You can add authorization
			Authorization	or	profiles as results in an
			Component	Policy Elements > Authorization	authorization policy in a network
		•	User Setup page	and Permissions > Network	access service.
		•	User Setup page	and Permissions > Network
		•	Group Setup page	Access > Authorization Profile >
		You cannot migrate the		RADIUS Attributes tab
		You cannot migrate the		See Creating, Duplicating, and
		RADIUS attributes		See Creating, Duplicating, and
		RADIUS attributes		Editing Authorization Profiles
		from user and group		Editing Authorization Profiles
		from user and group		for Network Access, page 9-18.
		setups. You have to		for Network Access, page 9-18.
		setups. You have to
		recreate them in ACS
		5.3.

User Guide for Cisco Secure Access Control System 5.3

2-6	OL-24201-01

Cisco Systems OL-24201-01 manual Radius

Models: OL-24201-01

Device Administration,

See Managing Dictionaries,

Editing a Shell Profile for

Device Administration,

Condition, page 9-3.

for Network Access, page 9-18.

setups. You have to

recreate them in ACS

OL-24201-01