Chapter6 Setting Up and Managing User Groups
Configuration-specific User Group Settings
6-18
Cisco Secure ACS 3.0 for Windows 2000/NT Servers User Guide
78-13751-01, Version 3.0
Step 4 In the Token Card Settings table, to cache the token for the entire session, select
Session.
Step 5 Also in the Token Card Settings table, to cache the token for a specified time
period (measured from the time of first authentication) follow these steps:
a. Select Duration.
b. Type the duration length in the box.
c. Select the unit of measure, either Seconds, Minutes or Hours.
Step 6 To save the group settings you have just made, click Submit.
For more information, see the “Saving Changes to User Group Settings” section
on page 6-50.
Step 7 To continue specifying other group settings, perform other procedures in this
chapter, as applicable.
Setting Enable Privilege Options for a User GroupNote If this section does not appear, configure the interface to display advanced
TACACS+ settings. Click Interface Conf iguration, click T A CA CS+ (Cisco).
At the bottom of the page in the Advanced Configuration Options table, select
the Advanced TACACS+ features check box.
Perform this procedure to configure group-level TACACS+ enable parameters.
The three possible TACACS+ enable options are as follows:
•No Enable Privilege—(default) Select this option to disallow enable
privileges for this user group.
•Max Privilege for Any AAA Client—Select this option to select the
maximum privilege level for this user group for any AAA client on which this
group is authorized.
•Define max Privilege on a per-network device group basis—Select this
option to define maximum privilege levels for a NDG. To use this option, you
create a list of device groups and corresponding maximum privilege levels.
See your AAA client documentation for information about privilege levels.