[tac_plus] Problem managing tacacs+
amani hamdi
amanihamdi89 at gmail.com
Tue Aug 28 10:03:50 UTC 2012
*hello,
I have installed the f4.0.4.22 version of Tacacs+ from your site but i have
problems with managing authorizations. **
this is my configuration:
*
cisco catalyst 2960 configuration:*
aaa new-model
aaa authentication login telnet group tacacs+ local
aaa authentication login console group tacacs+ local
aaa authentication enable default group tacacs+ enable
aaa authorization config-command
aaa authorization exec default group tacacs+
aaa authorization commands 1 default group tacacs+ none
aaa authorization commands 15 default group tacacs+ none
aaa accounting update newinfo
aaa accounting exec default start-stop group tacacs+
*
tacacs+ configuration file:
*user = supervisor {
login = cleartext "normal"
enable = cleartext "enable"
cmd = show {
* permit interfaces
deny .**
*}
For this example I wanted to limit the use of the "show" command and enable
only the "show interfaces" command. But, it didn't work for me. All "show"
commands are enabled!
I'm using a cisco catalyst 2960.
Can you help me please?
think you.
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://www.shrubbery.net/pipermail/tac_plus/attachments/20120828/baafa7a7/attachment.html>
More information about the tac_plus
mailing list