Cisco Support Community
cancel
Showing results for 
Search instead for 
Did you mean: 
Announcements

Welcome to Cisco Support Community. We would love to have your feedback.

For an introduction to the new site, click here. And see here for current known issues.

New Member

ACS shell command to restrict access

I am trying to set up groups within ACS to have "show" privilege only, per the below link.

I have ACS set up and working for the network from the admin group allowing all access and it is working fine.

When I follow the instructions to allow only "ReadOnlyAccess", I can log into the devices, but do not have "enable" access.

I get an authenitcation error:

"T+ enable privilege too low"

Do I need to allow "enable" as well in the shell command?

http://www.cisco.com/en/US/products/sw/secursw/ps2086/products_configuration_example09186a00808d9138.shtml')

1 REPLY

Re: ACS shell command to restrict access

Under the Advanced TACACS options, set the Max privilege of level 1 or higher..

233
Views
0
Helpful
1
Replies