ACS 4.2 TACACS+ privilege level

Unanswered Question
Jul 28th, 2010
User Badges:

Hi,


Most of devices use privilege level 15 for TACACS+ administration (Extreme, Cisco...), but we have devices that require privilege level 6 in order to have admin rights (Nortel Passport 8606).


So i would like to know if its possible to allow different TACACS+ privilege level for the a user group according to the device type (considering that the priviliege level setup is in the user group tab)


Regards

  • 1
  • 2
  • 3
  • 4
  • 5
Overall Rating: 0 (0 ratings)
Loading.
Javier Henderson Wed, 07/28/2010 - 13:50
User Badges:
  • Cisco Employee,

Will the Nortel box accept priv-lvl=15 in lieu of 6?


You cannot assig a privilege level based on the device name or IP address, those are assigned at the user or group level.


ACS 5 does let you do this sort of granular level assignment, however.

msurget.orange Thu, 07/29/2010 - 00:07
User Badges:

No, Nortel doesn't accept priv-lvl 15, have you any idea how to solve this issue ?


We already did a downgrade of the ACS 5.1 because of a AD problem.

Actions

This Discussion