I'm trying to configure command authorization on ACS and it is failing
miserably. No matter what I do, ACS rejects commands from the network
device. I initially created an authorization set called "read_only" so
someone could get into privileged mode but could only enter certain
commands, e.g. enable, show, disable, exit, etc. As soon as I enabled
command authorization on the network device I stopped being able to enter
any commands at all!
I've tried various mixes of permitting and denying just to see what happens.
At the moment, I have my command authorization set configured to permit
unmatched commands so it should be permitting everything, yet I still get
denied. The logs show that my device is in the proper group and I'm using
the proper authorization set, yet it also shows that the command was denied.
I'm about to pull my hair out. Any thoughts?
Thanks,
John
Message Posted at:
http://www.groupstudy.com/form/read.php?f=7&i=103031&t=103031
--------------------------------------------------
FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html
