Discussion:
[rancid] ACS 4.2 and rancid config example...
Tayfun Sarı
2013-12-06 07:19:38 UTC
Hi All,

Can anyone share the acs4.2 user/group config and switch config that is
working with Rancid?

Regards
Hagen, Skye (skyeh@uidaho.edu)
2013-12-06 17:33:23 UTC
We no longer use ACS version 4, but I may be able to give you some pointers.

You will need to define the ACS server as a TACACS server. This includes defining the IP address ranges of your networking devices that are allowed to communicate with the ACS server. On your networking devices, set them up to use TACACS (with a fallback to a local account) for authentication. There are plenty of examples of this on Cisco's web site, and most network vendors offer TACACS support on their gear.

On the ACS server, define a user. You should be able to limit this user to TACACS requests. You can also limit the commands that the user is allowed to execute.

In RANCID (the .clogin file), set it up with the user name you defined in ACS. You should be good to go.

Skye


________________________________
From: rancid-discuss-***@shrubbery.net <rancid-discuss-***@shrubbery.net> on behalf of Tayfun Sarı <***@gmail.com>
Sent: Thursday, December 05, 2013 11:19 PM
To: rancid-***@shrubbery.net
Subject: [rancid] ACS 4.2 and rancid config example...

Hi All,

Can anyone share the acs4.2 user/group config and switch config that is working with Rancid?

Regards
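
The device side and the RANCID side of the setup described in the reply above, as an added example that is not from either poster. It assumes a Cisco IOS switch with the classic `tacacs-server` syntax; the addresses, the user name `rancid-ro`, the local account name and every secret are placeholders, and the ACS-side user and command restrictions are not shown.

```text
! --- Cisco IOS switch (constructed sample, placeholders throughout) ---
aaa new-model
tacacs-server host 192.0.2.10
tacacs-server key <SHARED-SECRET>
! TACACS+ first; the local account is used only when the server does not answer
aaa authentication login default group tacacs+ local
aaa authorization exec default group tacacs+ local
! Send each command to ACS so the per-user command restrictions are enforced
aaa authorization commands 15 default group tacacs+ local
aaa accounting commands 15 default start-stop group tacacs+
username localadmin privilege 15 secret <LOCAL-FALLBACK-SECRET>

# --- RANCID login file, .cloginrc in the RANCID user's home (constructed sample) ---
# The first matching line wins, so specific hosts go above wildcard entries.
add user        192.0.2.*   rancid-ro
add password    192.0.2.*   {<TACACS-PASSWORD>}  {<ENABLE-PASSWORD>}
add method      192.0.2.*   ssh
# Assumption: ACS places rancid-ro directly in enable mode; remove this line if not.
add autoenable  192.0.2.*   1
```

The login file holds the password in clear text, so keep it owned by the RANCID user with mode 600, and have ACS permit that user only the read-only commands RANCID issues.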
