12-10-2015 10:58 AM - edited 03-10-2019 11:19 PM
Hi,
I am configuring a user account in ACS 4.2. I assigned privilege level 15 and exec access to user and it works.User can get into config mode.
Now I am adding a few custom attribute to that user to enable configuration access to a ace context.
After that the user loses the privilege level 15 and he gets privilege level 1 and the customer attributes takes effect.
Is there anyway I can keep both custom attributes and privilege level 15.
CF
12-10-2015 11:30 AM
Given the problem description, I suspect the custom attribute/value pairs are configured as mandatory. Since the IOS devices don't know what to do with them, and they are mandatory, authorization will fail, per design.
Try making the custom a/v pairs optional (i.e., use * instead of = when defining them).
12-10-2015 12:03 PM
This is how I defined the custom attribute:
shell:Context1*Admin default-domain
There is no = in the definition.
12-10-2015 12:22 PM
How do I assign privilege level 15 and exec access through custom attribute?
12-14-2015 09:10 AM
Anyone got idea about this problem?
How do I assign privilege level 15 and exec access through custom attribute?
Discover and save your favorite ideas. Come back to expert answers, step-by-step guides, recent topics, and more.
New here? Get started with these tips. How to use Community New member guide