Cisco Support Community
cancel
Showing results for 
Search instead for 
Did you mean: 
Announcements

Welcome to Cisco Support Community. We would love to have your feedback.

For an introduction to the new site, click here. And see here for current known issues.

New Member

Assigning different privileges with RADIUS server.

I have a Cisco AS5300 with the following aaa configuration:

aaa new-model

aaa authentication login default group radius none

aaa authentication enable default group radius none

aaa authorization exec default group radius none

aaa authorization network default group radius

I have ICRADIUS installed on one of my unix servers.

Authentication works fine..but when I try to assign privilege level 7 - users the capability to perform "config t" commands authorization fails.

The debug aaa authorization command shows the following output:

config command authorization not enabled.

Any help would be greatly appreciated.

1 REPLY
Cisco Employee

Re: Assigning different privileges with RADIUS server.

Config t is a priv 15 command. A user with priv level 7 will not be able to enter this command. You will need to change the priv level of the command using the following:

privilege exec level 7 configure terminal

For further information:

http://www.cisco.com/en/US/tech/tk648/tk367/technologies_tech_note09186a008009465c.shtml

hope this helps,

-Nairi

99
Views
0
Helpful
1
Replies
CreatePlease to create content