AAA Authorization

dopenfield
Level 1

New ACS SE running 4.0 working fine for Network Engineers to access switches, etc. with privilege 15.

Now trying to configure Help Desk with limited commands.

I can get the HD id to take the privilege level ACS assigns but cannot seem to get the Command Authorization piece to have any effect.

Here is what we have configured on the AAA authorization on the switches...

aaa authorization exec default group tac_admin if-authenticated

Seem to be following this document...

http://www.cisco.com/en/US/products/sw/secursw/ps2086/products_white_paper09186a0080088893.shtml#wp40519

But the ID seems to be able to do anything with the privilege level not the ACS Command auth.

Don't want to have to re-assign privilege levels for commands across the campus.

What am I missing??

1 Reply

akorsvoll
Level 1

You might want to add:

aaa authorization commands 15 default group tac_admin if-authenticated

--

Anders
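
Added example, not part of either post: a small Python check that scans a saved IOS configuration for the gap discussed in this thread, where `aaa authorization exec` is present but no `aaa authorization commands <level> default` line sends commands to the server group. IOS authorizes commands per privilege level, so the `levels` parameter (an assumption of this sketch, defaulting to the level 15 from the reply) lets you list every level you expect to be covered; the function name and sample strings are constructed for illustration.

```python
import re

# "aaa authorization exec <list> <methods>" or
# "aaa authorization commands <level> <list> <methods>"
AUTHZ_RE = re.compile(r"^aaa authorization (exec|commands)(?: (\d+))? (\S+) (.+)$")

def audit_command_authz(config_text, levels=(15,)):
    """Return findings where the default command-authorization list is
    missing, or names no server group, for the given privilege levels."""
    exec_seen = False
    cmd_methods = {}  # privilege level -> method words of the default list
    for raw in config_text.splitlines():
        m = AUTHZ_RE.match(raw.strip())
        if not m:
            continue
        kind, level, list_name, methods = m.groups()
        if kind == "exec":
            exec_seen = True
        elif level is not None and list_name == "default":
            cmd_methods[int(level)] = methods.split()
    findings = []
    if not exec_seen:
        findings.append("no 'aaa authorization exec' line")
    for lvl in levels:
        methods = cmd_methods.get(lvl)
        if methods is None:
            findings.append(
                f"level {lvl}: no 'aaa authorization commands {lvl} default' line")
        elif "group" not in methods:
            findings.append(
                f"level {lvl}: default list has no server group: {' '.join(methods)}")
    return findings

# Constructed samples built from the two lines quoted in the thread.
BEFORE = "aaa authorization exec default group tac_admin if-authenticated\n"
AFTER = BEFORE + (
    "aaa authorization commands 15 default group tac_admin if-authenticated\n")

if __name__ == "__main__":
    for name, cfg in (("before", BEFORE), ("after", AFTER)):
        print(name, audit_command_authz(cfg) or "ok")
```

Only the `default` method list is examined; a named list applied under a specific line is outside what this sketch checks.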