Description
Authorization is the concept of allowing access to resources only to those permitted to use them.
Basic concept: "based off who you are - what are you allowed to do"
Once upon a time, AAA command authorization in Cisco IOS queried the TACACS+ server for every single command a user entered. Rules have changed drastically in the meantime (at least for IOS release 12.4):
- Non-privileged show commands are executed without TACACS+ authorization. Privileged show commands (show running or show archive log config) are still authorized.
- Some commands that can be executed in non-privileged (aka disable) mode (enable, disable, help, logout) are authorized only if you configure aaa authorization commands 0 methods regardless of the current privilege level.
- Other commands (for example, ping) are authorized based on the current privilege level.
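The three rules above can be turned into a small configuration audit. This is an added example, not Cisco code and not part of the original page: it reads the default `aaa authorization commands` lists from a constructed sample config and reports which representative commands would be sent for authorization. Assumptions: only the `default` method list is considered, only the privileged show commands named above are recognised, and privileged show and other commands are taken to use the list for the current privilege level.

```python
import re

# Command classes from the three rules above (IOS 12.4 behaviour as described on this page).
LEVEL0_CMDS = {"enable", "disable", "help", "logout"}
# Only the privileged show commands the page names; any other show is treated as non-privileged.
PRIVILEGED_SHOW = ("show running", "show archive log config")

AAA_RE = re.compile(r"^aaa authorization commands (\d+) default (.+)$")

# Constructed sample config (not from a real device): levels 1 and 15 only, no level 0.
SAMPLE_CONFIG = """\
aaa new-model
aaa authorization commands 1 default group tacacs+ local
aaa authorization commands 15 default group tacacs+ local
"""

def authorized_levels(config_text):
    """Map each privilege level with a default command-authorization list to its methods."""
    levels = {}
    for line in config_text.splitlines():
        m = AAA_RE.match(line.strip())
        if m:
            levels[int(m.group(1))] = m.group(2).split()
    return levels

def needs_authorization(command, current_level, levels):
    """Return True if, under the rules above, the command is sent for authorization."""
    cmd = " ".join(command.lower().split())
    verb = cmd.split(" ")[0]
    if verb in LEVEL0_CMDS:
        # Per the page: only a level 0 list covers these, whatever the current level.
        return 0 in levels
    if verb == "show" and not cmd.startswith(PRIVILEGED_SHOW):
        return False
    # Assumption: privileged show and other commands use the list for the current level.
    return current_level in levels

def audit(config_text):
    """Report whether representative commands are sent for authorization."""
    levels = authorized_levels(config_text)
    probes = [("enable", 1), ("logout", 15), ("show version", 1),
              ("show running-config", 15), ("ping 192.0.2.1", 1)]
    return {cmd: needs_authorization(cmd, lvl, levels) for cmd, lvl in probes}

if __name__ == "__main__":
    for cmd, checked in audit(SAMPLE_CONFIG).items():
        print(f"{cmd:22} {'sent for authorization' if checked else 'NOT sent for authorization'}")
```

With the sample config, `enable` and `logout` are reported as not sent for authorization because no level 0 list is configured, which is the gap the second rule describes.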
Complete Definition
Authorization: access control of resources utilizing your identity (from Authentication) and a set of groups/rules about what you are permitted (or denied) to do.
Wikipedia Definition Authorization