Convert existing TACACS+ groups in Address Manager to SSO groups to migrate users and group membership claims.
Warning:
- Before these performing the steps, you must install tacacs.net on the target Windows Server. The installation requires the .Net Framework enabled on Windows. For more information, go to https://www.tacacs.net/documentation/.
- You must convert at least one LDAP group to an SSO admin group.
- A TACACS+ group that has been converted to an SSO Group cannot be reverted back to a TACACS+ Group.
- Add TACACS+ as an authenticator in Address Manager. Refer to Adding external authenticators.
- Add LDAP groups in Address Manager. You can add an unlimited amount of TACACS+ groups. Refer to Adding TACACS+ user groups.
- Assign a specific access right to a non-admin group. Refer to Editing access rights and overrides.
- Log in to Address Manager as a TACACS+ user and confirm the user group and access right.
- Select the Settings tab in the sidebar.
- Under User management, select Users and groups.
- Select the User groups tab.
- Select the checkbox for the TACACS+ group.
- Select .
- Add a Change control comment, if required.
- Select Confirm.