Tacacs+ Configuration - Server Configuration

  • 2
  • Question
  • Updated 2 years ago
I am configuring AAA using Tacacs. Authentication works, however, I do not have access to the "Configure" tab in the GUI and the Dashboard is blank. I am guessing this is an issue with the user's configuration in the Tacacs configuration file on the server. Does anyone know what changes need to be made on the Tacacs server?
Photo of Dave Hackenberg

Dave Hackenberg

  • 2 Posts
  • 0 Reply Likes

Posted 4 years ago

  • 2
Photo of Keith - Pack Leader

Keith - Pack Leader

  • 860 Posts
  • 51 Reply Likes
Hi Dave,

This is not my area of expertise but I did some poking around and found this which looks relevant:

Depending on the privilege level supplied by the TACACS+ server, the

login user is authorized as

a.) Super Admin (Perform all configuration and management tasks on ZD)

(priv-lvl > 2 ( 3 - 15 ) )

b.) Operator Admin (Configure services, but no Admin privilege on ZD, e.g. cannot change logins on ZD)

(priv-lvl = 2)

c.) Monitoring Admin (Monitoring and viewing operational status only)

(priv-lvl = 1)
----

Hope this helps.
Photo of Alex Peruyera

Alex Peruyera

  • 1 Post
  • 0 Reply Likes
I have my admins set at priv-lvl 15 in Tacacs, yet they still have the greyed out config section, any other config changes I need to make here?
Photo of Anthony Anyoti

Anthony Anyoti

  • 11 Posts
  • 0 Reply Likes
Hi-I would like to know if there was an answer for this, I have the exact same scenario but all users do not have access to the configure tab despite having pirv-lvl 15 on my tacacs server.
Photo of DSE

DSE

  • 60 Posts
  • 3 Reply Likes
Anthony , and the rest, what you put on the ZD in Tacacs+ service field??
Photo of Anthony Anyoti

Anthony Anyoti

  • 11 Posts
  • 0 Reply Likes
Hi DSE,

Under Tacacs Service* = Authentication, Authorization, Accounting

Regards
Anthony