Cisco Support Community
cancel
Showing results for 
Search instead for 
Did you mean: 

Unable to Map Command Set to Shell Profile in ACS 5.2

 

Problem

User is unable to map the Command Set to the Shell Profile in ACS 5.2. The error "command authorization failed" is seen when the commands present in the command set is applied to the device configuration. The TACACS Authorization report shows the failure reason "13025 Command failed to match a Permit rule". Why this happens and how this can be fixed?

Resolution

This is a very common issue and the problem is that the Command  Set option is not enabled by default. We need to customize the  Authorization page using the "Customize button" at the bottom right of  the page as shown below.

 

index.png

 

Then move the "Command Set" option from Available to Selected section under the Customize Results section. Now click OK which resolves this issue.

index1.png

 

Source:https://supportforums.cisco.com/message/3650254#3650254

Version history
Revision #:
2 of 2
Last update:
‎08-28-2017 02:09 AM
Updated by:
 
Labels (1)
Contributors
Everyone's tags (2)