Account Creation
To use Cisco Security Manager, you must log in with the admin account that you created during installation and create an account for each user. You can create the following types of accounts:
Note |
Beginning with Cisco Security Manager 4.21, Cisco Identity Services Engine (ISE) can be used for authentication purposes, in the place of earlier ACS server. |
Local Account
To create a local account:
-
Do one of the following:
-
If you currently have the Security Manager client open and are logged in with an admin account, you can select Tools > Security Manager Administration and select Server Security from the table of contents. The Server Security page has buttons that link to and open specific pages in Common Services. Click Local User Setup to navigate to the Local User Setup page in Common Services.
-
Using your web browser, link to the Security Manager server using the URL https://servername , where servername is the IP address or DNS name of the server. This URL opens the Security Manager home page. Click Server Administration to open Common Services. Point to Server > Single-Server Management > Local User Setup to navigate to the Local User Setup page in Common Services.
-
Click Add.
ACS Account
To create an ACS account:
-
Do one of the following:
-
If you currently have the Security Manager client open and are logged in with an admin account, you can select Tools > Security Manager Administration and select Server Security from the table of contents. The Server Security page has buttons that link to and open specific pages in Common Services. Click AAA Setup to navigate to the Authentication Mode Setup page in Common Services.
-
Using your web browser, link to the Security Manager server using the URL https://servername , where servername is the IP address or DNS name of the server. This URL opens the Security Manager home page. Click Server Administration to open Common Services. Point to Server > AAA Mode Setup to navigate to the Authentication Mode Setup page in Common Services.
-
Select ACS under AAA Mode Setup.
Tip |
An ACS account uses (1) the ACS type of AAA Mode Setup (this is on the Authentication Mode Setup page) and (2) the ACS login module in CiscoWorks Common Services. However, you do not need to select the ACS login module; it is selected for you automatically when you select the ACS type of AAA Mode Setup. |
Note |
Beginning with Cisco Security Manager 4.21, Cisco Identity Services Engine (ISE) can be used for authentication purposes, in the place of earlier ACS server. |
Non-ACS Account
To create a non-ACS account:
-
Do one of the following:
-
If you currently have the Security Manager client open and are logged in with an admin account, you can select Tools > Security Manager Administration and select Server Security from the table of contents. The Server Security page has buttons that link to and open specific pages in Common Services. Click AAA Setup to navigate to the Authentication Mode Setup page in Common Services.
-
Using your web browser, link to the Security Manager server using the URL https://servername , where servername is the IP address or DNS name of the server. This URL opens the Security Manager home page. Click Server Administration to open Common Services. Point to Server > AAA Mode Setup to navigate to the Authentication Mode Setup page in Common Services.
-
Select Local RBAC under AAA Mode Setup.
Tip |
A non-ACS account uses (1) the Local RBAC type of AAA Mode Setup (this is on the Authentication Mode Setup page) and (2) one of the following login modules in CiscoWorks Common Services: CiscoWorks Local (the default login module), Local NT System, MS Active Directory, RADIUS, or TACACS+. |