Users Guide
226 Dell Networking W-ClearPass Policy Manager 6.0 | User Guide
Figure 194: TACACS+ Enforcement Profiles (Commands tab)
Table 120:
Commands tab (TACACS+ Enforcement Profiles)
Container Description
Service
Type
Select Shell or PIX shell radio button.
Subsequent selections in this tab configure commands and arguments allowed/disallowed for this
selection.
Unmatched
Commands
Enable to permit commands that are not explicitly entered in the Commands field.
Commands Contains a list of the commands recognized for the specified Service Type:
To add a command, click Add. In the Configure Tacacs Command Authorization popup, enter values
for:
l Command. A string for the command. This is followed by one or more command argument rows.
l Command Arguments. The arguments for the command.
l Action. Click on Enable to permit check box to permit use of this command argument. If this box is
unchecked the column shows Deny and the command argument is not allowed.
l Click Trashcan to delete the command argument.
l Unmatched Arguments. Select Permit radio button to permit this command even if Policy
Manager receives arguments for the command that it does not recognize. Select Deny radio
button to deny the command if Policy Manager receives unrecognized arguments.
To save and exit, click outside the row you are editing.
To delete a command, click the Trashcan icon for that row.
Application Enforcement Profiles
Application Enforcement Profiles contain attribute-value pairs and other permissions related to authorization of
users of Dell Applications - GuestConnect and Insight. There are three different types of application enforcement
profile templates that can be selected:
l ClearPass Insight Enforcement - Attributes for users of Insight application.