5-13
TACACS+ Authentication
Configuring TACACS+ on the Switch
Configuring the TACACS+ Server for Single Login
In order for the single login feature to work correctly, you need to check some 
entries in the User Setup on the TACACS+ server. 
In the User Setup, scroll to the Advanced TACACS+ Settings section. Make 
sure the radio button for “Max Privilege for any AAA Client” is checked and 
the level is set to 15, as shown in Figure 5-4. Privileges are represented by the 
numbers 0 through 15, with zero allowing only Operator privileges (and 
requiring two logins) and 15 representing root privileges. The root privilege 
level is the only level that will allow Manager level access on the switch. 
Figure 5-4. Advanced TACACS+ Settings Section of the TACACS+ Server User Setup
Then scroll down to the section that begins with “Shell” (See Figure 5-5). 
Check the Shell box.
Check the Privilege level box and set the privilege level to 15 to allow “root” 
privileges. This allows you to use the single login option.