Cisco ASA 5500 Series Configuration Guide using ASDM
OL-20339-01
Chapter 32 Configuring Management Access
Configuring AAA for System Administrators
Table 32-2 CLI Authentication and Command Authorization Lockout Scenarios (continued)

| Feature | Lockout Condition | Description | Workaround: Single Mode | Workaround: Multiple Mode |
| --- | --- | --- | --- | --- |
| TACACS+ command authorization | You are logged in as a user without enough privileges or as a user that does not exist | You enable command authorization, but then find that the user cannot enter any more commands. | Fix the TACACS+ server user account. If you do not have access to the TACACS+ server and you need to configure the adaptive security appliance immediately, then log into the maintenance partition and reset the passwords and aaa commands. | Session into the adaptive security appliance from the switch. From the system execution space, you can change to the context and complete the configuration changes. You can also disable command authorization until you fix the TACACS+ configuration. |
| Local command authorization | You are logged in as a user without enough privileges | You enable command authorization, but then find that the user cannot enter any more commands. | Log in and reset the passwords and aaa commands. | Session into the adaptive security appliance from the switch. From the system execution space, you can change to the context and change the user level. |