You must assign it a role, and this role defines what the user can do in the applications, even to the extent of what the To create these additionalĪccounts, you must have system administrator authority (for example, using the admin account). You can create as many additional user accounts as needed. The system identity user is considered the trustworthy accountīy other servers in the multi-server setup and therefore facilitates communication between servers that are part of a domain. On a trust model that uses certificates and shared secrets. The same system identity user account on all servers within the multi-server setup.
If you install Cisco Security Management suite applications on separate servers (the recommended approach), you must create Secure Access Control Server (ACS) for user authentication, you must assign it all privileges. If you create the account in Common Services, you must assign it system administrator privileges if you use Cisco This account does not have a fixed name you can create the account using whatever name fits your
System Identity - The system identity user account is equivalent to a Windows administrator and provides access to all Common Services and The following five permissions are assigned and set, automatically, at the time of Security Manager installation:Īccess this computer from network - casusersĭeny access to this computer from network - casuser Performing successful backups of all databases Doing so can lead to problems with your being able Permissions that are established during the installation of the product. Do not modify casuser (the default service account) or directory You do not normally use this account directly. To the server and to create other user accounts for normal day-to-day use of the applications.Ĭasuser - The casuser user account is equivalent to a Windows administrator and provides access to all Common Services and Security You can use this account to initially log in
You must enter the password during installation. For this reason, there are three predefined user accounts that are created onĪny system on which you install an application that runs on top of Common Services:Īdmin - The admin user account is equivalent to a Windows administrator and provides access to all Common Services, Security Manager,Īnd other application tasks. To users who have the required authorization. Understanding the Required Server User AccountsĬiscoWorks Common Services and Security Manager use a multilevel security system that allows access to certain features only
This chapter explains how to install the Security Manager server software and other server applications, namely CiscoWorks Mapping this to an e-mail address is strongly recommended.Installing and Upgrading Server Applications This includes the name the user will be identified as in Dashboard. More about Meraki Vision here.Ī username attribute must be passed in the SAML token/assertion, specifically ' '. This is the only change required if a user needs to be directed to the Meraki Vision portal instead of the Meraki dashboard. The second one labelled "Consumer URL (Vision)" will direct to the new Meraki Vision portal for camera viewing. The first will direct a user to the Meraki dashboard. This is provided as the Consumer URL on the Organization > Settings page under SAML Configuration.
if the configured subdomain is 'example' then the unique issuer / entitiy ID that would need to be configured with the IdP would be: ' '.
For SP-initiated SSO, a dynamic issuer / entity ID is used for each Meraki Dashboard organization that has the SP SAML feature enabled.Į.g.