Cisco Support Community
cancel
Showing results for 
Search instead for 
Did you mean: 
Announcements

Welcome to Cisco Support Community. We would love to have your feedback.

For an introduction to the new site, click here. And see here for current known issues.

New Member

AAA authorization show run in priv 7

Hi,Any one can help...

I have set up AAA on my network.

aaa authentication login default group tacacs+ group security local

aaa authorization exec default group tacacs+ group security local

aaa accounting exec default start-stop group tacacs+ group security

tacacs-server host x.x.x.x

tacacs-server directed-request

tacacs-server key 7 xyz

I want set prvilige on group basis.

I have created a group called test in ACS server and set comnand authorization on pergroup basis

& added show command with permit running-config as arguments.

My objective is give the user of test group priv level 7 but they can use show running-config.

Any help?

thanks in advance

4 REPLIES
New Member

Re: AAA authorization show run in priv 7

Hi,

If you want to set privilege on the basis of group setting then follow the following TAB::

Group>Edit Settings>

Then scroll down to Tacacs setting and set the desired privelege in privilege leve check box.

I hope this will fulfill your requirement.

Thanks

Deepak

New Member

Re: AAA authorization show run in priv 7

Thanks for your reply.But I've already tried.If i give priv 7 he can't use show run. but i want to give hime sh run in priv 7

Thnx,

Sourav

New Member

Re: AAA authorization show run in priv 7

You also have to reset the priv level of show run on the device. In IOS it would look something like this:

privilege exec level 7 show running-config

You will need to check the proper documentation for your router, etc.

New Member

Re: AAA authorization show run in priv 7

Hi,

Thanks for your reply.It's nearly the exact what I wanted.However show running-config only shows like these

7206a#sh run

Building configuration...

Current configuration : 53 bytes

!

boot-start-marker

boot-end-marker

!

!

!

!

!

!

end

However #Show config

shows the proper running-config

Thanks

287
Views
3
Helpful
4
Replies
CreatePlease login to create content