04-04-2014 02:39 AM - edited 03-04-2019 10:43 PM
Dear all,
I am facing a Tacacs issue with 15.3 image on 1941 router..
Basically when we ordered new 1941, the default image we got was c1900-universalk9-mz.SPA.153-1.T1.bin
Now we have two privilege levels configured for different users group on Tacacs.. Level 15 is system engineers and Level 7 for helpdesk engineers.
Below are the privilege 7 commands allowed on router..
privilege exec level 7 traceroute
privilege exec level 7 ping
privilege exec level 7 show startup-config
privilege exec level 7 show running-config
privilege exec level 7 show configuration
privilege exec level 1 show logging
privilege exec level 1 show
When the system engineer logs into router with Privilege 15, he doesn't get any issue in running any "show" command.. but when a helpdesk engineer logs in, he get below error while running "show" command.
civrixr01_new#sh config
Using 13253 out of 262136 bytes
%Error opening nvram:/startup-config (Permission denied)
When I changed the IOS to c1900-universalk9-mz.SPA.151-4.M7.bin(lower version) .. The error disappeared..
Any Idea if this can be an IOS bug or Tacacs server issue.
Solved! Go to Solution.
04-04-2014 10:38 AM
Hi Inderjeet,
In that new IOS, configure the file system privilege level through config command "file privilege 7" and check.
Regards,
Kumar
04-04-2014 10:38 AM
Hi Inderjeet,
In that new IOS, configure the file system privilege level through config command "file privilege 7" and check.
Regards,
Kumar
04-06-2014 02:28 AM
Hi Pradeep,
Thanks.. I will apply this, check and will confirm..
Thanks..
Inderjeet
04-04-2014 12:17 PM
Hello
when logged on as the desktop engineer
show privilege
res
Paul
04-06-2014 02:27 AM
Hi Paul,
Here is the output of "show privilege" command
civrixr01_new#show privi
Current privilege level is 7
civrixr01_new#
04-06-2014 08:15 AM
Hello
looks like the desktop account as define access privileges hence the reason why they cannot perform the show run command
privilege exec level 7 show run
res
Paul
04-06-2014 11:23 PM
Hi Pradeep,
Thanks.. its working..
Hi Paul,
Appreciate your help as well in sorting this out..
Thanks..
Discover and save your favorite ideas. Come back to expert answers, step-by-step guides, recent topics, and more.
New here? Get started with these tips. How to use Community New member guide