01-03-2013 07:07 AM - edited 03-07-2019 10:52 AM
hello,
Can anyone provide assistance on how to change the default AAA tacacs role in the nexus environment? By default if you authenticate with tacacs you are place in the VDC operator role, which limits you to the changes you can make.
Thanks,
01-03-2013 09:58 AM
Hi,
You cannot change the default roles network-admin, network-operator, vdc-admin, and vdc-operator.
You can add the user to the vdc-admin role which will give you access to everything.
http://www.cisco.com/en/US/docs/switches/datacenter/sw/4_1/nx-os/security/configuration/guide/sec_rbac.html#wp1454861
HTH
01-03-2013 10:27 AM
I understand that per user, but what about a team of engineers that use tacacs to login to the nexus devices? we are using an ACS server
01-03-2013 10:37 AM
Never mind...figured it out. Thanks for the reply. In the ACS server you have to specify the role
Discover and save your favorite ideas. Come back to expert answers, step-by-step guides, recent topics, and more.
New here? Get started with these tips. How to use Community New member guide
Log in to Community
