I have the ACS SE 4.2, and 2950 edge switches.
I have setup two users, one admin and one test on the ACS.
I have applied the following configuration on my switch:
aaa authentication login default group tacacs+ local enable
aaa authorization config-commands
aaa authorization exec default group tacacs+
aaa authorization commands 0 default group tacacs+ local
aaa authorization commands 15 default group tacacs+ local
aaa authorization network default group tacacs+
aaa accounting exec default start-stop group tacacs+
aaa accounting network default start-stop group tacacs+
The test user is in it's own group, and I have applied a max privilege level of 15 to this group.
I have then set specific commands that the group is permitted to use, and denied to use.
However it doesn't seem to work correctly.
Can anyone see an error in how I've configured the switch?
I have attached screenshots of the user and group setup also.