09-06-2008 04:40 AM - edited 03-10-2019 04:04 PM
I would like to configure 2 groups of users on my 4500s using local authentication .The first group would have access only to the show commands and at the test tdr commands.The other user group would have unlimited access.Is it possible to do it through local authentication or i have to use a RADIUS or TACACS+ server?Keep in mind that the users will access the switches through telnet
Solved! Go to Solution.
09-06-2008 06:02 AM
If you go for Local use local authentication /authorization then you need to do it on per user basis and not on group basis. Locally we don't have any group. See this link
http://www.cisco.com/en/US/tech/tk59/technologies_tech_note09186a00800949d5.shtml
Best way to manage this set up is via radius or tacacs and set up command authorization using tacacs.
Regards,
~JG
Do rate helpful posts
09-06-2008 06:02 AM
If you go for Local use local authentication /authorization then you need to do it on per user basis and not on group basis. Locally we don't have any group. See this link
http://www.cisco.com/en/US/tech/tk59/technologies_tech_note09186a00800949d5.shtml
Best way to manage this set up is via radius or tacacs and set up command authorization using tacacs.
Regards,
~JG
Do rate helpful posts
09-10-2008 12:40 AM
Further to that i would like to log the configuration changes on the switches.
Find answers to your questions by entering keywords or phrases in the Search bar above. New here? Use these resources to familiarize yourself with the community: