Buy or Renew
Buy or Renew
Duo Security forums now LIVE! Get answers to all your Duo Security questions. Learn more
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Search instead for 
Did you mean: 
cancel
Start a conversation
411
Views
0
Helpful
1
Replies

Assigning different privileges with RADIUS server.

loralubo1
Level 1
Level 1

‎11-05-2002 12:49 AM - edited ‎02-20-2020 09:19 PM

I have a Cisco AS5300 with the following aaa configuration:

aaa new-model

aaa authentication login default group radius none

aaa authentication enable default group radius none

aaa authorization exec default group radius none

aaa authorization network default group radius

I have ICRADIUS installed on one of my unix servers.

Authentication works fine..but when I try to assign privilege level 7 - users the capability to perform "config t" commands authorization fails.

The debug aaa authorization command shows the following output:

config command authorization not enabled.

Any help would be greatly appreciated.

Labels:
0 Helpful
1 Reply 1

Nairi Adamian
Cisco Employee
Cisco Employee

‎11-05-2002 02:52 AM

Config t is a priv 15 command. A user with priv level 7 will not be able to enter this command. You will need to change the priv level of the command using the following:

privilege exec level 7 configure terminal

For further information:

http://www.cisco.com/en/US/tech/tk648/tk367/technologies_tech_note09186a008009465c.shtml

hope this helps,

-Nairi

0 Helpful
Getting Started

Find answers to your questions by entering keywords or phrases in the Search bar above. New here? Use these resources to familiarize yourself with the community:

Customers Also Viewed These Support Documents