SevOne SDN Collector Set APIC User Account
About
This document describes how to set an APIC User Account.
The user account used by SevOne SDN Solution to communicate with the APIC must have Role admin Access read in Security Domain all. Execute the following steps to set up a new user account for SevOne SDN Solution.
Note: APIC version 4.0 is used for the steps. If you are using a different version, the screenshots
may vary.
Set APIC User Account
- Login to the APIC with an account that has rights to create users.
- Select Admin tab.
- Right-click Users and select Create Local User.
- For STEP 1 > User Identity, enter values in the following fields. For example:
- Login ID: sevone
- Password: <password>
- Confirm Password: <password>
- First Name: SevOne
- Last Name: ACI Solution
- Click Next.
- For STEP 2 > Security, under the Security Domain section, select check box,
all.
- Click Next.
- For STEP 3 > Roles, click the icon for Domain all.
- Enter the following fields - Role Name and Role Privilege Type. For example, Role Name = admin and Role Privilege Type = Read.
- Click Update.
- Click Finish.
- Upon clicking the Finish button, you get the following.
- Double-click the sevone Login ID.
- Scroll down to Security Domains.
- Click the > next to Security Domain all to show assigned roles.
- Under the Security Domain all, ensure that Role admin and Access readPriv exist.
- Click Close to exit.
Set APIC User Account using TACACS
To meet SevOne requirement of the following, SevOne requires the Cisco AV pair associated with the sevone ACI account to be shell:domains=all//admin.
- Role: admin
- Access: read
- Security Domain in TACACS
For additional details, please refer to Cisco TACACS documentation (https://www.cisco.com/c/en/us/td/docs/switches/datacenter/aci/apic/sw/kb/b_KB_ACI-TACACS-config.html).