https://community.cisco.com/t5/network-access-control/acs-and-aaa-help/m-p/528683#M426773 <HTML><HEAD></HEAD><BODY><P>Hi Jon,</P><P></P><P>1. Refers to the previous post at:</P><P><A class="jive-link-custom" href="http://forum.cisco.com/eforum/servlet/NetProf?page=netprof&amp;CommCmd=MB%3Fcmd%3Dpass_through%26location%3Doutline%40%5E1%40.1ddb89cb/0#selected_message" target="_blank">http://forum.cisco.com/eforum/servlet/NetProf?page=netprof&amp;CommCmd=MB%3Fcmd%3Dpass_through%26location%3Doutline%40%5E1%40.1ddb89cb/0#selected_message</A></P><P></P><P>2.The audit feature that you're looking at is available for valid command once the user/admin entered 'conf t' command.</P><P></P><P>The following command can be used to monitor what commands are being entered by the user/admin:</P><P></P><P>aaa accounting network SAMPLE start-stop group tacacs+</P><P></P><P>You can see the report under ACS's "Logs and Reports" section - look for tacacs+. </P><P></P><P><A class="jive-link-custom" href="http://www.cisco.com/en/US/products/sw/iosswrel/ps1835/products_configuration_guide_chapter09186a00800ca7aa.html#wp1005522" target="_blank">http://www.cisco.com/en/US/products/sw/iosswrel/ps1835/products_configuration_guide_chapter09186a00800ca7aa.html#wp1005522</A></P><P>*can also look under sample config.</P><P></P><P>Rgds,</P><P>AK</P></BODY></HTML> Mon, 31 Jul 2006 13:20:39 GMT a.kiprawih 2006-07-31T13:20:39Z https://community.cisco.com/t5/network-access-control/acs-and-aaa-help/m-p/528682#M426770 <P>I've just configured ACS and TACACS+ for access to our switches using our AD for authentication. It works fine.</P><P></P><P>What I would like to know is firstly how can I configure ACS to only allow access to our switches if you belong in a particular AD group or ACS group as at the moment anyone can login to our switches if they are a user on the domain?</P><P></P><P>Secondly is there a way within TACACS+ to audit every single command that is entered while someone is loggin into a switch?</P><P></P><P>Any help would be much appreciated.</P><P></P><P>Thanks</P><P></P><P>Jon</P> Sun, 10 Mar 2019 21:41:09 GMT https://community.cisco.com/t5/network-access-control/acs-and-aaa-help/m-p/528682#M426770 jonchill 2019-03-10T21:41:09Z https://community.cisco.com/t5/network-access-control/acs-and-aaa-help/m-p/528683#M426773 <HTML><HEAD></HEAD><BODY><P>Hi Jon,</P><P></P><P>1. Refers to the previous post at:</P><P><A class="jive-link-custom" href="http://forum.cisco.com/eforum/servlet/NetProf?page=netprof&amp;CommCmd=MB%3Fcmd%3Dpass_through%26location%3Doutline%40%5E1%40.1ddb89cb/0#selected_message" target="_blank">http://forum.cisco.com/eforum/servlet/NetProf?page=netprof&amp;CommCmd=MB%3Fcmd%3Dpass_through%26location%3Doutline%40%5E1%40.1ddb89cb/0#selected_message</A></P><P></P><P>2.The audit feature that you're looking at is available for valid command once the user/admin entered 'conf t' command.</P><P></P><P>The following command can be used to monitor what commands are being entered by the user/admin:</P><P></P><P>aaa accounting network SAMPLE start-stop group tacacs+</P><P></P><P>You can see the report under ACS's "Logs and Reports" section - look for tacacs+. </P><P></P><P><A class="jive-link-custom" href="http://www.cisco.com/en/US/products/sw/iosswrel/ps1835/products_configuration_guide_chapter09186a00800ca7aa.html#wp1005522" target="_blank">http://www.cisco.com/en/US/products/sw/iosswrel/ps1835/products_configuration_guide_chapter09186a00800ca7aa.html#wp1005522</A></P><P>*can also look under sample config.</P><P></P><P>Rgds,</P><P>AK</P></BODY></HTML> Mon, 31 Jul 2006 13:20:39 GMT https://community.cisco.com/t5/network-access-control/acs-and-aaa-help/m-p/528683#M426773 a.kiprawih 2006-07-31T13:20:39Z