ACS Authorization

Unanswered Question
Oct 7th, 2008
User Badges:

I'd like to configure shell authorization sets in ACS for Routers and switches .In this scenario, the users are able to use selective commands (configure terminal and to shut and no shut the interface only ) how can i do that on ACS

I tried the following but it doesn't work


configure permit terminal

interface permit shutdown

permit no shtdown


when i tested i can use any command under the interface configuration mode but i'd like to restrict it to shut and no shut only

  • 1
  • 2
  • 3
  • 4
  • 5
Overall Rating: 0 (0 ratings)
Loading.
Jagdeep Gambhir Tue, 10/07/2008 - 10:49
User Badges:
  • Red, 2250 points or more

Make sure permit unmatched argument is not checked. See attachment.



Regards,

~JG


Do rate helpful posts



Attachment: 
welcomeccie Tue, 10/07/2008 - 17:00
User Badges:

I need it on all the interfaces not one only and Should i configure privilege command on the router and switches too?

SteveChapman Fri, 10/10/2008 - 12:49
User Badges:

I am having the same problem under Config t. I can't seem to restrict anything after that. I do not have perment unmatched... chekced,

DEAN WETHERALD Mon, 11/17/2008 - 13:54
User Badges:

Steve,


Did you resolve this issue??? I have configured shell authorization on the ACS and want to allow certain users to access conf t but limit their commands after this. When I do a shell set that includes 'configure permit terminal' there does not appear to be anyway to control the configuration commands. Access to all configuration is granted.


Any guidence would be appreciated.


Dean

Actions

This Discussion