Cisco Support Community
cancel
Showing results for 
Search instead for 
Did you mean: 
Announcements

Welcome to Cisco Support Community. We would love to have your feedback.

For an introduction to the new site, click here. And see here for current known issues.

New Member

ACS 5.2 - 13029 requested user privilege too high

 

Hi 

       Am using cisco ACS 5.2 in my environment for centralized login management of devices with tacacs+ protocol.

       Currently i have configured a aaa client(cisco 3750) in ACS for testing purpose.

       Login authentication works fine unlike enable password authentication which pops following error(ACS log).

              13029 requested user privilege level too high fix

          Actually we have three shell profiles(L2/L1/L0) with relevant command sets(L2/L1/L0). Hence three authorization policies has been created for default device admin with relevant shell pro/cmd set mapped for relevant device identity groups.

         Default authorization policy is been mapped to shell:permit access/cmd:deny all commands.

         AAA client config

                aaa authentication login default group tacacs+ local
                aaa authentication enable default group tacacs+ enable

            Can some one help me out to have this fixed. Pls...

 

 

 

 

 

 

 

 

 

159
Views
0
Helpful
0
Replies
CreatePlease login to create content