Cisco Support Community
cancel
Showing results for 
Search instead for 
Did you mean: 
New Member

AAA Command Authorization

I have an ACS 4.0 device. In the shell command authorization set section, you have the ability to define permitted or denied commands (show) and arguments (running-config). I am limiting users to a specific set of commands. One of the commands is 'exit'. To my knowledge, 'exit' does not have any arguments. If I add 'exit' as a permitted command but enter nothing for the argument section, I get authorization failed at the router. If I select 'permit unmatched args' (for exit), authorization is successful. I would prefer to not select 'permit unmatched args'. Is there an argument for 'exit' that I am not aware of?

1 ACCEPTED SOLUTION

Accepted Solutions

Re: AAA Command Authorization

Hi,

Try this,

exit--------permit

represents return key.

Regards,

Prem

2 REPLIES

Re: AAA Command Authorization

Hi,

Try this,

exit--------permit

represents return key.

Regards,

Prem

New Member

Re: AAA Command Authorization

It worked thanks. The ACS servers gives me an error saying the correct format is permit or deny followed by an argument, but the 'permit' has been saved and is working.

Thanks again.

140
Views
0
Helpful
2
Replies
CreatePlease to create content