G-25
Cisco Secure ACS 3.0 for Windows 2000/NT Servers User Guide
78-13751-01, Version 3.0
AppendixG O DBC Import Definitions Action Codes
174 ADD_IOS_
COMMAND UN|GN, VN,
V1 Authorizes the given Cisco IOS command and
determines if any arguments given to the command are
to be found in a defined set or are not to be found in a
defined set. The defined set is created using Actions
176 and 177:
GN=Group 1"
VN=telnet
V1=permit
or
UN=fred
VN=configure
V1=deny
The first example permits the Telnet command to be
authorized for users of Group 1. Any arguments can be
supplied to the Telnet command as long as they are not
matched against any defined via Action 176.
The second example permits the configure command
to be authorized for user fred, but only if the
arguments supplied are permitted by the filter defined
by a series of Action 176es.
175 REMOVE_IOS_
COMMAND UN|GN, VN Removes command authorization for the user or
group:
GN=Group 1"
VN=telnet
or
UN=fred
VN=configure
Users of Group 1 can no longer use the Cisco IOS
telnet command.
User fred can no longer use the configure command.
TableG-5 Action Codes for Modifying TACACS+ and RADIUS Group and User Settings (continued)
Action
Code Name Required Description