Please go to the group that belongs to the user in question and make sure we have shell exec checked with priv 15
Bring users/groups in at level 15
1. Go to user or group setup in ACS
2. Drop down to "TACACS+ Settings"
3. Place a check in "Shell (Exec)"
4. Place a check in "Privilege level" and enter "15" in the adjacent field
Also check passed authenticate logs and make sure that user are mapped to the right group of acs.
Regards,
~JG
Do rate helpful posts