Guys, I'm pulling my hair not understanding why it happens. The user (priv 15) is assigned a set of commands which are as follows:
Show "permit ver" (no permit unmatched arguments) Show "permit proc cpu" (no permit unmatched arguments) Configure "permit terminal" (no permit unmatched arguments) Interface (permit unmatched arguments) Shutdown (permit unmatched args) No "permit shutdown" (no permit unmatched arguments) All required exec and commands authorization commands are configured and applied to VTY lines. When the user logs in via VTY he is perfectly able to run all show commands regardless of having only two show commands allowed. I don't understand what was the point of allowing only two priv 1 commands in the task for the user with priv 15. I see that all show commands are of priv 1 and they are allowed in TACACS administration Eugene
_______________________________________________ For more information regarding industry leading CCIE Lab training, please visit www.ipexpert.com Are you a CCNP or CCIE and looking for a job? Check out www.PlatinumPlacement.com
