Buy or Renew
Buy or Renew
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Search instead for 
Did you mean: 
cancel
Start a conversation
640
Views
0
Helpful
1
Replies

AAA Global config granularity

keyonj
Level 1
Level 1

‎02-09-2005 07:49 AM - edited ‎03-10-2019 02:00 PM

It seems as though, when running Cisco IOS/ACS on Win2K, you can only lock a individual down to user exec, prvi exec, but once they are allowed into global configuration they can access everything. The question is, does acs allow you to only allow certain commands in glabal config, such as allowing setting vlans but disallowing changing routing protocol configurations? It seems to be all or nothing.

Thanks for any advice.

Labels:
0 Helpful
1 Reply 1

sstudsdahl
Level 4
Level 4

‎02-09-2005 01:06 PM

You can use ACS to restrict the commands that are allowed. Take a look at the link below for "Command Authorization Sets".

http://www.cisco.com/univercd/cc/td/doc/product/access/acs_soft/csacs4nt/acs33/user/c.htm#wp697557

HTH

Steve

0 Helpful
Customers Also Viewed These Support Documents