Buy or Renew
Buy or Renew
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Search instead for 
Did you mean: 
cancel
Start a conversation
922
Views
5
Helpful
1
Replies

Cisco Nexus aaa authorization 'commands' vs 'config-commands'

johnlloyd_13
Level 9
Level 9

‎07-05-2021 06:33 AM

hi,

i'm trying to configure AAA on a nexus switch. could someone advise the difference between.

aaa authorization commands

vs

aaa authorization config-commands

 

my google search only points to cisco config guides. i would like to know if one is preferred over the other? or should i include both? 

 

also please see my nexus AAA template below. do i need to add/remove lines here?

 

aaa authentication login default group TAC-GRP local
aaa authentication login console group TAC-GRP local
aaa authorization config-commands default group TAC-GRP local
aaa authorization config-commands console group TAC-GRP local
aaa authorization commands default group TAC-GRP local
aaa authorization commands console group TAC-GRP local
aaa accounting default group TAC-GRP local

Labels:
0 Helpful
1 Reply 1

balaji.bandi
Hall of Fame
Hall of Fame

‎07-05-2021 06:40 AM

Configures authorization parameters.

 

Use the commands keyword to authorize EXEC mode commandes.

Use the config-commands keyword to authorize configuration mode commands.

Use the group, local, or none keywords to identify the authorization method.

 

example :

 

https://www.cisco.com/c/en/us/td/docs/switches/datacenter/nexus5000/sw/security/421_n1_1/b_Cisco_n5k_security_config_gd_rel_421_n1_1/Cisco_n5k_security_config_gd_rel_421_n1_1_chapter3.html#task_CEDE50C46F6E4E2DB046DF39707B495A

 

BB

***** Rate All Helpful Responses *****

How to Ask The Cisco Community for Help

Customers Also Viewed These Support Documents