ACS Appliance 1112 - Authentication Without Enable Secret

Unanswered Question
Jun 23rd, 2009

Hello Everybody

I have a ACS appliance 1112 to authenticate users by TACACS+ with Active Directory.

The users can access the privileged mode on network devices just with the user AD without typing a enbale secret but after a restart on appliance now the users are asked to typing a enable secret to access the privileged mode.

Is necessary change something on Network Devices or maybe a configuration on ACS ?


I have this problem too.
0 votes
  • 1
  • 2
  • 3
  • 4
  • 5
Overall Rating: 0 (0 ratings)
Jagdeep Gambhir Tue, 06/23/2009 - 07:24

Please go to the group that belongs to the user in question and make sure we have shell exec checked with priv 15

Bring users/groups in at level 15

1. Go to user or group setup in ACS

2. Drop down to "TACACS+ Settings"

3. Place a check in "Shell (Exec)"

4. Place a check in "Privilege level" and enter "15" in the adjacent field

Also check passed authenticate logs and make sure that user are mapped to the right group of acs.



Do rate helpful posts


This Discussion