Cisco Support Community
cancel
Showing results for 
Search instead for 
Did you mean: 
Announcements

Welcome to Cisco Support Community. We would love to have your feedback.

For an introduction to the new site, click here. If you'd prefer to explore, try our test area to get started. And see here for current known issues.

New Member

aaa Nexus platform / enable mode

Hi,

For our customer we have the following setup:

Nexus switches (among other equipment) who are configured to perform AAA authentication against a Radius server (Windows NPS).

For our own accounts we send along privilege 15, however, for the customers accounts they don't send any privilege along (thus on IOS ending up in priv 1). After having logged in they normally use the enable command to get in privileged mode (enable does local auth).

Now on NEX-OS they want the same behaviour, however, I cannot find any information on how to do this.

So far I can figure out the Nexus doesn't know an enable mode. You either specify a privilege or a role to a local user.

Would the only viable solution be to send something like this along:

Cisco-AVPair = "shell:roles=\"network-operator vdc-admin\""

And then create a local role to have priv 15 privileges?

Cheers,

Wouter

121
Views
0
Helpful
0
Replies