Show config not working in ACS "Shell Command Auth set"

Unanswered Question
Apr 20th, 2009
User Badges:

To allow an AAA user access to the "show config" command I have created them an account in ACS and assigned the relevant "Shell Auth Set" but it still does not permit them to use it?, I read that this may not be the command that the switch sends the ACS server. Anyone have any ideas (switch is configured with all AAA commands)


  • 1
  • 2
  • 3
  • 4
  • 5
Overall Rating: 5 (1 ratings)
Loading.
Vinay Sharma Wed, 04/22/2009 - 04:02
User Badges:
  • Gold, 750 points or more

Hi,


I am expecting that rest of the shell command authorization configuration is good on the ACS and device. We need to add command show along with the argument in command authorization set. I have attached a sample configuration for reference.


Please verify the configuration of ACS and device before making any changes from keeping your self locked on the device.


ACS Shell Command Authorization Sets on IOS and ASA/PIX/FWSM Configuration Example:-


http://cisco.com/en/US/products/sw/secursw/ps2086/products_configuration_example09186a00808d9138.shtml




Actions

This Discussion