18-10
User
Guide

for

the

Cisco

Application

Networking

Manager

5.2
OL-26572-01
Chapter
18






Administering

the

Cisco

Application

Networking

Manager
Configuring
User

Authentication

and

Authorization


AD/LDAPS
Note
For
detailed
procedures
about

remote
authentication,
see

the

“Configuring

Authentication

and
Accounting
Services”

chapter

of

either

the

Cisco

ACE

Module

Security

Configuration

Guide

or

Cisco
ACE
4700

Series

Appliance

Security

Configuration

Guide

on

www.cisco.com.
After
you

configure

an

organization,

all

authentication

transactions

are

performed

by

the

authentication
service
associated

with

that

organization.

Users

log

in

with

the

user

ID

and

password

associated

with

the
current
authentication

module.
Related
Topics


Managing
User
Accounts,

page
18-17


Managing
User

Roles,

page
18-25


Managing
Domains,

page
18-32


Using
an
AAA
Server

for
Remote
User
Authentication
and
Authorization,
page
18-38
Adding
a

New

Organization
You
can

add

organizations,

which

define

the

mechanism

for

authenticating

ANM

users:

local

using
ANM
or

re

mote

usi

ng

RADIUS,

TACACS+,

or

AD/LDAPS.

When

you

configure

an

organization

for
remote
authentication,

users

within

that

organization

have

their

passwords

validated

using

the

specified
remote
AAA

server.
You
can

al

so

configure

an

organization

to

use

a

TACACS+

server

for


remote

authorization

of

ANM
users.
To

use

remote

authorization,

you

must

also

configure

the

TACACS+

server

with

the

role

and
domains
associated

with

a

user

or

user

group

(see

the

“Configuring

Remote

User

Authorization

Using

a
TACACS+
Server”

section

on

page

18-45 ).
When
you

use

the

services

of

a

a

remote

AAA

server,

you

can

configure

the

organization

to

fall

back

to
using
local

authentication

and

authorization

when

the

remote

AAA

server

becomes

unavailable.
Procedure
Step
1
Choose
Admin
>

Role-Based

Access

Control

>

All

Organizations.
Step
2
Click
Add.
Step
3
Enter
the

name
of
the

new

organization

and

notes

if
required,
and

click
Save.
Step
4
Enter
the

attributes
described
in
Ta
b

l

e
18-2
.
Certain
attributes

will

display

when

specific

options

are

selected.