- Mark as New
- Bookmark
- Subscribe
- Mute
- Subscribe to RSS Feed
- Permalink
- Report Inappropriate Content
06-19-2018 04:52 PM - edited 03-08-2019 03:24 PM
Hello, I have my switches configured for TACACS authentication/authorization.
I notice that users can still run the command '?' to see a list of commands. However this is incorrect as all commands are actually authorized on the TACACS server.
Firstly, is there a way a TACACS user can see a list of all commands they can possibly run and secondly can the '?' command be prevented for a TACACS user ?
Solved! Go to Solution.
- Labels:
-
Other Switching
Accepted Solutions
- Mark as New
- Bookmark
- Subscribe
- Mute
- Subscribe to RSS Feed
- Permalink
- Report Inappropriate Content
06-19-2018 06:18 PM
As all commands are send for authorization to your tacacs server to be authorized or not after you type in the command and press enter, you can't deny ? "question mark" because this isn't sent to your tacacs server.
Also, I never get the request about having a user checking which commands he's authorized or not and there isn't such command.
Thanks
Francesco
PS: Please don't forget to rate and select as validated answer if this answered your question
- Mark as New
- Bookmark
- Subscribe
- Mute
- Subscribe to RSS Feed
- Permalink
- Report Inappropriate Content
06-19-2018 06:18 PM
As all commands are send for authorization to your tacacs server to be authorized or not after you type in the command and press enter, you can't deny ? "question mark" because this isn't sent to your tacacs server.
Also, I never get the request about having a user checking which commands he's authorized or not and there isn't such command.
Thanks
Francesco
PS: Please don't forget to rate and select as validated answer if this answered your question
