Unanswered Question
May 16th, 2006
User Badges:

I am having issues authentication with network-admin privileges via TACACS on the MDS. I defined the custom av attribute in the tacacs settings on acs as follows:


For some reason it doesn't seem like the AV pair is passing to the MDS and I always am given network-operator privileges.

Any ideas on what I could check?

  • 1
  • 2
  • 3
  • 4
  • 5
Overall Rating: 0 (0 ratings)
tblancha Tue, 05/16/2006 - 09:30
User Badges:
  • Cisco Employee,

Try this AV Pair instead:


robertsmichael Tue, 05/16/2006 - 11:53
User Badges:

Still no luck. I do see the following entry in the messages:

Trap (DE)Register at / failed. Permission denied or feature disabled.

Could that have anything to do with the MDS not accepting the AV pair?

tblancha Tue, 05/16/2006 - 16:27
User Badges:
  • Cisco Employee,

Yes, sounds like you need a little more involvement then this forum offers. So, if you do not have a key between the mds and the tacacs server, go ahead and get a sniffer trace showing a login. Get a debug aaa all at the same time. Depending on who your support is with-->an OSM or Cisco, go ahead and open support case.


This Discussion



Trending Topics: Storage Networking