Converting TACACS+ groups to SSO groups - BlueCat Integrity - 9.4.0

Address Manager Administration Guide

Locale
English
Product name
BlueCat Integrity
Version
9.4.0

Convert existing TACACS+ groups in Address Manager to SSO groups to migrate users and group membership claims.

Warning:
  • Before these performing the steps, you must install tacacs.net on the target Windows Server. The installation requires the .Net Framework enabled on Windows. For more information, go to https://www.tacacs.net/documentation/.
  • You must convert at least one LDAP group to an SSO admin group.
  • A TACACS+ group that has been converted to an SSO Group cannot be reverted back to a TACACS+ Group.
  1. Add TACACS+ as an authenticator in Address Manager. Refer to Adding external authenticators.
  2. Add LDAP groups in Address Manager. You can add an unlimited amount of TACACS+ groups. Refer to Adding TACACS+ user groups.
  3. Assign a specific access right to a non-admin group. Refer to Editing access rights and overrides.
  4. Log in to Address Manager as a TACACS+ user and confirm the user group and access right.
  5. In the Users and Groups page, select the Groups tab.
  6. In the Groups list, select the groups.
  7. Click Actions > Convert selected objects to SSO groups.
  8. Click Yes.