01-31-2005 12:05 PM - edited 03-10-2019 01:59 PM
I have a small group of users that I want to allow access to a switch. I only want to allow them to do "show int status", "show run" and "show proc." What is the best way to set this up? Does the privilege level have to be set up on the switch, or is this done on the ACS? The users are set up in a group called "UserSupport".
01-31-2005 08:59 PM
02-01-2005 06:15 AM
That shows how to set up basic authorization on the switch but doesn't help with setting privilege levels or command authorization.
02-01-2005 08:06 AM
The top of the document tells you about the basic setup, but the example shows you how to set the privilege levels required to use certain router commands (in this case, level 7), and shows you how to set up the TACACS so that specific users have level 7 access (as opposed to the more normal level 1 or 15), so they can use those specific commands. You need to dig quite deep into the example, but the information is there.
But if you want a more detailed document, here is one:
http://www.cisco.com/en/US/products/sw/secursw/ps4911/products_tech_note09186a0080107cfd.shtml
Here is a document that tells you how to do it without a TACACS:
http://www.cisco.com/en/US/tech/tk59/technologies_tech_note09186a00800949d5.shtml
Kevin Dorrell
Luxembourg
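The privilege-level approach described in the reply above, applied to the three commands from the question, as an added IOS configuration example that is not from the original thread or the linked Cisco documents. The server address 192.0.2.10 and the key are constructed placeholders, and it assumes the ACS group "UserSupport" is assigned privilege level 7 (TACACS+ attribute priv-lvl=7) in its shell (exec) settings.

```cisco
! --- On the switch: AAA pointing at the TACACS+ server (placeholders) ---
aaa new-model
tacacs-server host 192.0.2.10 key <shared-secret>
!
! Authenticate logins against TACACS+, fall back to local users
! if the server is unreachable.
aaa authentication login default group tacacs+ local
!
! Exec authorization is what lets the server hand back priv-lvl=7,
! so UserSupport members land at level 7 instead of level 1 or 15.
aaa authorization exec default group tacacs+ local
!
! --- On the switch: make the three commands available at level 7 ---
privilege exec level 7 show interfaces status
privilege exec level 7 show running-config
privilege exec level 7 show processes
!
! --- Check after logging in as a UserSupport member ---
! show privilege        (should report privilege level 7)
!
! Caveat: below level 15, "show running-config" only displays the
! configuration lines that the user's level is allowed to modify,
! so the output at level 7 will be much shorter than the full config.
```

So the answer to "switch or ACS" for this approach is both: the switch defines which commands live at level 7, and the ACS decides which users log in at that level.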