acs 4.1 authorization for level 15 !!

Unanswered Question
Apr 15th, 2009
User Badges:

hi all, i am currently using acs 3.3 (windows) but i am not able to restrict users assigned to level 15 from issuing certain commands. Someone told me this is possible in acs4.1 so do i have to configure normal authorization on acs 4.1 and it will be applied to level 15 or do i need to do some special config on acs/router ?

Kindly guide me

  • 1
  • 2
  • 3
  • 4
  • 5
Overall Rating: 4 (1 ratings)
amritpatek Tue, 04/21/2009 - 15:22
User Badges:
  • Silver, 250 points or more

In addition to your preset configuration, these commands are required on an IOS router or switch in order to implement command authorization through an ACS server:

aaa new-model

aaa authorization config-commands

aaa authorization commands 0 default group tacacs+ local

aaa authorization commands 1 default group tacacs+ local

aaa authorization commands 15 default group tacacs+ local

tacacs-server host A.B.C.D

tacacs-server key cisco123


This Discussion