Were you able to get this going successfully? I think you need to create a new service with name silverpeak:ip?
That did not work, still trying to get a dictionary going
I take it back, it did work. Partially. I can assign the correct role, admin or monitor, however, if no role is assigned(you login with a user who should be denied, it works). Just make sure in the SilverPeak auth setting to configure Authorization source to Remote Only.
Here is the TACACS Dictionary:
<?xml version="1.0" encoding="UTF-8" standalone="yes"?>
<TipsContents xmlns="http://www.avendasys.com/tipsapiDefs/1.0">
<TipsHeader exportTime="Tue Nov 21 10:55:20 EST 2017" version="6.6"/>
<TacacsServiceDictionaries>
<TacacsServiceDictionary dispName="SilverPeak:IP" name="silverpeak:ip">
<ServiceAttribute dataType="String" dispName="role" name="role"/>
</TacacsServiceDictionary>
</TacacsServiceDictionaries>
</TipsContents>
In your enforcement policy the role is either 'admin' or 'monitor'
_ELiasz