Chapter 6 Setting Up and Managing User Groups
Configuration-specific User Group Settings
6-18
User Guide for Cisco Secure ACS for Windows Server
78-14696-01, Version 3.1
Step 5
Also in the Token Card Settings table, to cache the token for a specified time
period (measured from the time of first authentication), follow these steps:
a.
Select Duration.
b.
Type the duration length in the box.
c.
Select the unit of measure, either Seconds, Minutes or Hours.
Step 6
To save the group settings you have just made, click Submit.
For more information, see
Saving Changes to User Group Settings, page 6-53
.
Step 7
To continue specifying other group settings, perform other procedures in this
chapter, as applicable.
Setting Enable Privilege Options for a User Group
Note
If this section does not appear, click Interface Configuration and then click
(Cisco). At the bottom of the page in the Advanced Configuration
Options table, select the Advanced features check box.
Perform this procedure to configure group-level enable parameters.
The three possible enable options are as follows:
•
No Enable Privilege—(default) Select this option to disallow enable
privileges for this user group.
•
Max Privilege for Any AAA Client—Select this option to select the
maximum privilege level for this user group for any AAA client on which this
group is authorized.
•
Define max Privilege on a per-network device group basis—Select this
option to define maximum privilege levels for an NDG. To use this option,
you create a list of device groups and corresponding maximum privilege
levels. See your AAA client documentation for information about privilege
levels.