[tac_plus] What part of tac_plus daemon configuration does "aaa authorization exec default group tacacs+" command in Cisco IOS TACACS+ client check?
Krux
krux at thcnet.net
Tue Apr 14 15:45:38 UTC 2015
Authorization exec is used to tell the Cisco device to use the privilege level specified by the TACACS+ server when logging in. For example privilege level 15. This means you don't have to issue the enable command. It is also required if you want to use features like the scp server to push firmware to your device, since the scp server requires that your exec level be 15 on login.
perl -e 's==UBER?=+y[:-o]}(;->\n{q-yp-y+k}?print:??;-p#)'
On April 13, 2015 1:54:37 AM PDT, Martin T <m4rtntns at gmail.com> wrote:
>Hi,
>
>in Cisco IOS TACACS+ client there is a command "aaa authorization exec
>default group tacacs+". Am I correct that all this command does is to
>force TACACS+ client to take account the "service = exec"
>configuration snippet in tac_plus daemon configuration file? For
>example:
>
>service = exec {
> priv-lvl = 15
> autocmd = "show version"
>}
>
>
>thanks,
>Martin
>_______________________________________________
>tac_plus mailing list
>tac_plus at shrubbery.net
>http://www.shrubbery.net/mailman/listinfo/tac_plus
More information about the tac_plus
mailing list