Buy or Renew
Buy or Renew
Duo Security forums now LIVE! Get answers to all your Duo Security questions. Learn more
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Search instead for 
Did you mean: 
cancel
Create a new article
2238
Views
0
Helpful
0
Comments

Unable to Map Command Set to Shell Profile in ACS 5.2

Prabhu Nagarajan
Level 1
Level 1

‎08-31-2012 03:04 AM - edited ‎02-21-2020 09:58 PM

 

Problem

User is unable to map the Command Set to the Shell Profile in ACS 5.2. The error "command authorization failed" is seen when the commands present in the command set is applied to the device configuration. The TACACS Authorization report shows the failure reason "13025 Command failed to match a Permit rule". Why this happens and how this can be fixed?

Resolution

This is a very common issue and the problem is that the Command  Set option is not enabled by default. We need to customize the  Authorization page using the "Customize button" at the bottom right of  the page as shown below.

 

index.png

 

Then move the "Command Set" option from Available to Selected section under the Customize Results section. Now click OK which resolves this issue.

index1.png

 

Source:https://supportforums.cisco.com/message/3650254#3650254

Labels:
0 Helpful
Getting Started

Find answers to your questions by entering keywords or phrases in the Search bar above. New here? Use these resources to familiarize yourself with the community:

Customers Also Viewed These Support Documents