D-3
User Guide for Cisco Unified Service Monitor
OL-9351-01
AppendixD Configuring Service Monitor with Cisco Secure ACS
Configuring Service Monitor on Cisco Secure ACS
Configuring Service Monitor on Cisco Secure ACS
After you complete setting the CiscoWorks server to ACS mode with Cisco Secure ACS, perform the
following tasks on Cisco Secure ACS:
1. Click Shared Profile Components to verify that the Cisco Unified Service Monitor (Service
Monitor) application entry is present.
2. Based on your authentication setting (per user or per group) on Cisco Secure ACS, click either User
Setup or Group Setup.
On Cisco Secure ACS, verify the per user or per group setting for Cisco Unified Service Monitor
using Interface Configuration > TACACS + (Cisco IOS).
3. Assign the appropriate Service Monitor privileges to the user or group.
For Service Monitor, you must ensure that a user with the same name as the System Identity Setup
user is configured on Cisco Secure ACS and has Network Administrator privileges.
Note You configured the System Identity Setup user during Service Monitor installation. For more
information, click the CiscoWorks link on the Service Monitor home page and select
Common Services > Server > Security > Multi-Server Trust Management> System
Identity Setup.
You can modify roles on Cisco Secure ACS.
Step 1 Select Shared Profile Components > Cisco Unified Service Monitor.
Step 2 Click the Service Monitor role that you want to modify.
Step 3 Select the Se rvice Monitor tasks that suit your business workflow and needs.
Step 4 Click Submit.
Note If desired, you can also create new roles on Cisco Secure ACS.
Verifying the Service Monitor and Cisco Secure ACS Configuration
After performing the tasks in Configuring Service Monitor on Cisco Secure ACS, page D-3, verify the
configuration as follows:
1. Log in to Service Monitor with the username defined in Cisco Secure ACS.
2. Try to perform tasks, to ensure that you can perform only those tasks that you are entitled to perform
based on your privileges on Cisco Secure ACS.
For example: If your privilege is Help Desk, then:
You should be able to view the Cisco1040s that are managed by Service Monitor.