ACS Authorization

welcomeccie · ‎10-07-2008

I'd like to configure shell authorization sets in ACS for Routers and switches .In this scenario, the users are able to use selective commands (configure terminal and to shut and no shut the interface only ) how can i do that on ACS

I tried the following but it doesn't work

configure permit terminal

interface permit shutdown

permit no shtdown

when i tested i can use any command under the interface configuration mode but i'd like to restrict it to shut and no shut only

Jagdeep Gambhir · ‎10-07-2008

Make sure permit unmatched argument is not checked. See attachment.

Regards,

~JG

Do rate helpful posts

welcomeccie · ‎10-07-2008

I need it on all the interfaces not one only and Should i configure privilege command on the router and switches too?

Steve Chapman · ‎10-10-2008

I am having the same problem under Config t. I can't seem to restrict anything after that. I do not have perment unmatched... chekced,

DEAN WETHERALD · ‎11-17-2008

Steve,

Did you resolve this issue??? I have configured shell authorization on the ACS and want to allow certain users to access conf t but limit their commands after this. When I do a shell set that includes 'configure permit terminal' there does not appear to be anyway to control the configuration commands. Access to all configuration is granted.

Any guidence would be appreciated.

Dean