Cisco Support Community
Showing results for 
Search instead for 
Did you mean: 

Welcome to Cisco Support Community. We would love to have your feedback.

For an introduction to the new site, click here. And see here for current known issues.

New Member

Using ACS for command authorization

I've setup my ASA for this and it works as it should, the restricted user can only run the commands I put into the command set in ACS.

However this is fine on telnet/SSH but when using ASDM the restricted account has level 15 access and is able to change things.

Can you use ACS to give a view only account on an ASA when using ASDM?

New Member

Re: Using ACS for command authorization

Not sure which version of ACS you 're running. Please check admin control and see if users are defined there with high privilege. I may be looking at a different direction altogether.

New Member

Re: Using ACS for command authorization

thanks for the reply, I actually resolved it by watching the logs and seeing what ASDM needed, in the end had to add permit to the session command and also permit write net

this worked and gives the restricted user view only access to the config etc and also view only in ASDM.