Cisco Secure ACS 4.2
I have a network support group that i just want to deny them the ability to use IOS and CatOS configuration commands.
I noticed that the Per Group Command Authorization is applicable to only IOS-based commands. I applied it to deny "configure", but permit everything else.
How do I go about setting this group up to deny set-based commands for the CatOS devices?