cancel
Showing results for 
Search instead for 
Did you mean: 
cancel
1916
Views
0
Helpful
1
Replies

Setting up read only tacacs for nexus

joe.fodor
Level 1
Level 1

Hello,

 

I am trying to set up read only access to our nexus equipment using tacacs in ISE. 

 

I am currently following along with this documentation: https://www.cisco.com/c/en/us/td/docs/security/ise/2-2/admin_guide/b_ise_admin_guide_22/b_ise_admin_guide_22_chapter_0111.html

 

In the tacacs profile here is what i have set up in the raw view with common task type being Nexus

shell:roles="network-operator vdc-operator"

 

my command sets are:

denying config t*

deny reload

permit show run

 

I dont think there is anything wrong with my admin policy set. 

 

When I log in and try to run any command I get this error:

Error: AAA authorization failed AAA_AUTHOR_STATUS_METHOD=16(0x10)

 

any help would be appreciated. 

 

1 Reply 1

hslai
Cisco Employee
Cisco Employee
Getting Started

Find answers to your questions by entering keywords or phrases in the Search bar above. New here? Use these resources to familiarize yourself with the community: