question

Marcus-9726 avatar image
0 Votes"
Marcus-9726 asked

Command sets in Microsoft NPS - RADIUS

My current environment have a Cisco ACS which configure the TACACS+ for network devices. With the current settings, we can specify Shell Profiles and Command Sets for the devices access.

Shell Profile: define user access privileges (such as Admin acccess, or read-only access)
Command Sets: define which commands to be permitted or denied

I'm migrating the policies from Cisco ACS to Microsoft NPS. However, from the network connection policy I can only specify RADIUS attributes to achieve the Shell profile features like below to allow admin/read-only access.

146155-image.png



But I can't find the options to specify any commands set for the policy. As I know TACACS+ is not supported in Microsoft NPS but is there any other ways that I can allow/block certain commands to be executed with RADIUS attributes?

windows-server
image.png (16.7 KiB)
5 |1600 characters needed characters left characters exceeded

Up to 10 attachments (including images) can be used with a maximum of 3.0 MiB each and 30.0 MiB total.

0 Answers