18-39
User
Guide
for
the
Cisco
Application
Networking
Manager
5.2
OL-26572-01
Chapte
r
18
Administering
the
Cisco
Application
Networking
Manager
Using
an
AAA
Server
for
Remote
User
Authentication
and
Authorization
This
message
means
that
the
AD
server
rejected
the
user.
The
list
of
possible
error
codes
and
respective
descriptions
are
as
follows:
–
525—User
is
not
found
–
52e—User
credentials
are
invalid
–
530—User
is
not
permitted
to
log
on
at
this
time
–
531—User
is
not
permitted
to
log
on
from
this
workstation
–
532—Password
has
expired
–
533—Account
is
disabled
–
701—Account
has
expired
–
773—User
must
reset
their
password
–
775—Account
is
l
ocked
out
•
If
Step
3
fails,
the
message
is
as
follows:
User
authorization
failed:
User
is
not
defined
in
the
<
org_name
>
organization.
Configuring
Remote
User
Authen
tication
Using
a
TACACS+
Server
This
section
describes
how
to
configure
ANM
and
a
TACACS+
server
for
remote
user
authentication.
Note
For
background
information
about
configuring
an
AAA
server,
see
the
“Configuring
Authentication
and
Accounting
Services”
chapter
of
either
the
Cisco
ACE
Module
Security
Config
uration
Guide
or
Cisco
ACE
4700
Series
Appliance
Security
Configuration
Guide
on
www.cisco.com
.
Assumptions
This
topic
assumes
the
following:
•
For
purposes
of
this
example,
assume
usage
of
a
Cisco
Secure
ACS
version
4.1
server.
•
Your
user
role
det
ermines
whether
you
can
perform
the
pr
ocedures
outlined
in
t
his
section.
•
Administrative
login
rights
are
required
to
access
the
Cisco
Secure
ACS
HTML
interface.
Ta
b
l
e
18-11
provides
a
high-level
overview
of
the
steps
required
to
authenticate
ANM
users
with
a
TACACS+
server.
