Buy or Renew
Buy or Renew
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Search instead for 
Did you mean: 
cancel
Start a conversation
995
Views
0
Helpful
2
Replies

ACS Tacacs+ aaa authorization commands

p.tavan
Level 1
Level 1

‎09-09-2004 07:09 AM - edited ‎03-10-2019 01:47 PM

Hi,

I would like to authorize only certain configuration commands by the Tacacs Server, so in the group setup of ACS, I have checked : command, I have written in the field : configure, and declared as arguments : permit terminal and permit snmp-server enable traps. But I can not configure snmp until I declare in the router : privilege config level 7 snmp-server enable. (I use a level 7 user)

My question is : is there a way to control the granularity of configuration commands on the ACS, in the same way as you can control the granularity of the show commands ?

Many thanks

Patrice

Labels:
0 Helpful
2 Replies 2

chandlerbr
Level 1
Level 1

‎09-17-2004 08:07 AM

Yes, you can get very granular using Command Authorization Sets and they can be applied to individual users or groups.

Setting Up and Managing Shared Profile Components

http://www.cisco.com/en/US/products/sw/secursw/ps2086/products_user_guide_chapter09186a00800d9e6b.html

hth

0 Helpful

p.tavan
Level 1
Level 1
In response to chandlerbr

‎09-20-2004 01:34 AM

I thank you a lot for your answer that I am going to try.

Patrice

0 Helpful
Customers Also Viewed These Support Documents