TACACS implementation Cisco Nexus 9364C Switch NXOS: version 10.4(4)

charles-james · ‎02-28-2025

I recently upgraded a to NXOS version 10.4(4) on a Nexus 9364C . I used the same TACACS configuration I've been using, but on this pair of switches, after logging in, when I try to do something like Sho run I'm getting '% Permission denied for the role'. I used the same configuration on a pair of Nexus9000 C9336C-FX2 version NXOS 10.4(4). When I log in I'm granted an admin role. But now on the 9364Cs I'm coming in as operator/level 0. I'm using the same config on Nexus 9364C running NXOS: version 9.3(11) with no issues. Is there something unique about using 10.4(4) on a 9364C that could be causing this

AAA configuration on both pair is:

aaa authentication login default group infrasec-tacacs
aaa accounting default group infrasec-tacacs
aaa authentication login ascii-authentication
tacacs-server directed-request
system login block-for 100 attempts 3 within 100

M02@rt37 · ‎03-01-2025

Hello @charles-james

With the command #show user-account, which role is assigned to your user ? Operator like you said ?

Review TACACS+... I suspect that you should adjust shell command about the role. What is the actual configuration ?

Best regards
.ı|ı.ı|ı. If This Helps, Please Rate .ı|ı.ı|ı.

charles-james · ‎03-03-2025

roles:network-operator prior to upgrading the IOS it would be priv-0

MHM Cisco World · ‎05-05-2025

Tacacs don't use attribute like radius' try use radius

MHM

latakid644 · ‎05-05-2025

The Fire Kirin app is primarily designed for Android devices. However, iOS users may be able to access the game through web-based platforms or specialized installers.