08-31-2016 02:53 AM - edited 03-05-2019 04:36 AM
Hello,
I am getting this error in Nexus routers, for all the commands that i run.
# sh ver
Error: AAA authorization failed AAA_AUTHOR_STATUS_METHOD=16(0x10)
Please help.
Regards,
Dheeraj.
09-01-2016 11:06 AM
Hi;
You are getting this error due to the authenticated user on Nexus user as a user privilege (network-operator) instead of admin (network-admin, vdc-admin) right.
Which type of ACS version you are running?
If it's older ver then under the admin profile, in the drop down list, select Cisco-AVPair and use the following string:
shell:roles=”network-admin vdc-admin”
If it's a new version then no need add the custom attribute under admin profile, just select the default/Maximum privileged = 15.
Thanks & Best regards;
03-16-2018 09:45 AM
Hello dj0304071,
I had the same problem with the nexus1000v when I set up tacacs but now I have it as follows:
1.-You must create a .txt or copy the configuration file of your Nexus to a .txt
2.-In the file .txt configures for the tacacs lines a "no" to the configuration
enable
!
config terminal
!
no tacacs-server key 7 "efdgw"
no tacacs-server host 192.168.100.x
no aaa group server tacacs+ AAA-LUCAS
no aaa authentication login default group AAA-LUCAS
no aaa authentication login console group AAA-LUCAS
no aaa authorization config-commands default group AAA-LUCAS
no aaa accounting default group AAA-LUCAS
no aaa authentication login error-enable
no tacacs-server directed-request
3.-From a tftp upload the file to the running-config or start-config.
This way I let myself execute command.
I hope and can help you and regards!
10-08-2018 11:47 PM
Hello all l have the same problem how can l solve this problem?
(config)# tacacs-server directed-request
Error: AAA authorization failed AAA_AUTHOR_STATUS_METHOD=16(0x10)
10-09-2018 11:33 AM
It appears that you are receiving this error when you attempt to enter a configuration command. Is the problem only in config mode? Are you able to successfully execute other commands?
HTH
Rick
10-09-2018 12:52 PM
10-09-2018 01:03 PM
There is a long term aspect to this issue and a short term aspect. The long term aspect is that something in your aaa authorization is not set up correctly or that your user ID is not set up correctly in whatever is providing your authorization service. You need to figure out whether it is an issue in how your aaa authorization is configured or is an issue in how your user account is set up. Once you figure out what that problem is you should correct that issue.
The short term aspect is that you are not able to enter any configuration commands. So it the long term issue turns out to be that something in aaa authorization is not configured correctly then how do you correct it? The solution was mentioned in a previous post. You create a text file and in the text file you put the commands to remove the aaa configuration (or perhaps just the aaa authorization commands). Then you copy the file either to running config or to startup config. Note that if you will be copying to running config then you only need the aaa commands, but if you are copying to startup config then you will need the entire configuration, and after copying to startup config then you will need to reboot the router.
HTH
Rick
Discover and save your favorite ideas. Come back to expert answers, step-by-step guides, recent topics, and more.
New here? Get started with these tips. How to use Community New member guide