Cisco Support Community
cancel
Showing results for 
Search instead for 
Did you mean: 
Community Member

ACS Appliance 1112 - Authentication Without Enable Secret

Hello Everybody

I have a ACS appliance 1112 to authenticate users by TACACS+ with Active Directory.

The users can access the privileged mode on network devices just with the user AD without typing a enbale secret but after a restart on appliance now the users are asked to typing a enable secret to access the privileged mode.

Is necessary change something on Network Devices or maybe a configuration on ACS ?

Thanks

1 REPLY

Re: ACS Appliance 1112 - Authentication Without Enable Secret

Please go to the group that belongs to the user in question and make sure we have shell exec checked with priv 15

Bring users/groups in at level 15

1. Go to user or group setup in ACS

2. Drop down to "TACACS+ Settings"

3. Place a check in "Shell (Exec)"

4. Place a check in "Privilege level" and enter "15" in the adjacent field

Also check passed authenticate logs and make sure that user are mapped to the right group of acs.

Regards,

~JG

Do rate helpful posts

163
Views
0
Helpful
1
Replies
CreatePlease to create content