When I log into the 4500 switch with my domain account, I get priv 1 only and have to “enable” with the local enable password to get to priv 15.  How do I set this up to get directly to enable? The ACS 5.1 is setup with a authorization/shell profile for Priv 15, no problems there.

2821-RTR2#show run | incl aaa
aaa new-model
aaa authentication login default group tacacs+ local enable
aaa authentication login CONSOLE local-case line
aaa authorization exec default group tacacs+ none
aaa accounting exec default start-stop group tacacs+
aaa accounting commands 15 default start-stop group tacacs+
aaa session-id common

4500 that drops into enable mode

4500-SW1#show run | incl aaa
aaa new-model
aaa authentication login default group tacacs+ local enable
aaa authentication login CONSOLE local-case line
aaa authorization exec default group tacacs+ none
aaa accounting exec default start-stop group tacacs+
aaa accounting commands 15 default start-stop group tacacs+
aaa session-id common