Jennifer Halim Fri, 05/21/2010 - 19:04
User Badges:
  • Cisco Employee,

Can you share your config?

Do you need authorization? If not, remove the "aaa authorization" command and test if authentication works.

Jatin Katyal Sat, 05/22/2010 - 02:12
User Badges:
  • Cisco Employee,

Looks like you have " aaa authorization exec default group tacacs local" in you configuration. This means that runs authorization to determine if the user is allowed to run an EXEC shell.


In order to fix this user should have privelege 15 on the tacacs server. If you are running Cisco ACS then I would suggest go to user/group setup >> tacacs shell (exec) >> Privilege 15 >> suubmit


This will fix the issue.


Regds

JK


Do rate helpful posts

patrick.hurley Sat, 05/22/2010 - 20:49
User Badges:

I am using the free windows Cisco software which is hard to figure out.   Here is what I have in the tac.cfg file.   I don't have something correct.  I get the message at the bottom when I run the tac_plus.exe -C tac.cfg command.


# CONFIGURE ENCYPTION KEY
key = VerYs3cr3taqskey
# Configure User
user = pat {
default service = permit
login = cleartext "pat"
service = exec {
priv-lvl = 15
}
}
# End file


Warning, not running as uid 0
Tac_plus is usually run as root
for user on line 4 keyword

Actions

This Discussion