I am trying to get the TACACS+ work on SRX 11.4R7.5. However during my packet capture on SRX. I found the SRX sent authorzation request with service=junos-exec but ACS returns no value. that cause the SRX to use the "remote" as local-user-name and take the class setting for it.
On ACS, I found the "Group Mapping" policy matched to "Default Rule" and Authorization" policy matched the "Default Rule" as well.
Please help to provide me some document link about how to configure the Group Mapping and Authorization policy properly.
