06-12-2008 05:07 AM - edited 03-10-2019 03:54 PM
Hello,
I wanted to only allow users to use interface command. But when I permit config terminal in ACS shell command set, all the commands are allowed. How can I limited the users to only have the permission for interfacce command?
Thanks
Solved! Go to Solution.
06-12-2008 07:22 AM
Two things could be wrong
1) You don't have the following command on your AAA Client:
aaa authorization config-commands
2) You have clicked the 'Unmatched Commands' = Permit radio option in ACS, have a look at:
http://www.cisco.com/en/US/products/sw/secursw/ps2086/products_configuration_example09186a00808d9138.shtml
Regards
Farrukh
View solution in original post
06-12-2008 07:20 AM
Did you configure something like
configure permit terminal
interface permit fastethernet
HAve a look at the attached doc for shell command auth configuration
Narayan
06-12-2008 07:42 AM
yes, i missed the command - aaa authorization config-commands on the clients. After i added that, it works.
Thanks for your help
Discover and save your favorite ideas. Come back to expert answers, step-by-step guides, recent topics, and more.
New here? Get started with these tips. How to use Community New member guide
Log in to Community
