Thanks for taking the time to look at this with me. I have a field tech that had to replace an ACS 5.3 box. The new one was 5.4, unfortuantely there were not config backups of the old device.
At this point just setting up a local list of users in the ACS and setting permissions to for the administrators to have access to the routers and switches.
My tech reports that he is experiencing a strange problem with permissions to the Cisco Nexus 7000 via thje ACS 5.4. When we SSH in, we are authenticated via the ACS server but do not go into privilage exec we still need to type enable and then enter the enable password. We thought that before the username/pw would bring usimediately to privilage exec mode.
So we then enter the enable password, get the # prompt and do a "show run" we then get an unauthorized message.
This is odd because we can do a "config t" .
So it appears we are not at level 15 and assume this is part of the Authorization policy's but do not see where those levels are set. I have the checkbox if command not listed to permit access.
Am I missing something? Can someone please point me to where I should look for these settings?