Specifications
Chapter 4 Managing GSS User Accounts Through a TACACS+ Server
Specifying TACACS+ Authorization of the GSS
4-24
Cisco Global Site Selector Administration Guide
OL-5480-01
Use the no form of the aaa authentication command to disable the TACACS+
authentication function. For example, to disable TACACS+ authentication for an
SSH remote access connection, enter:
gss1.example.com(config)# no aaa authentication ssh
Specifying TACACS+ Authorization of the GSS
TACACS+ authorization enables you to set parameters that restrict user access to
specific GSS CLI commands, as defined by the TACACS+ server. Use the aaa
authorization commands command to enable the TACACS+ authorization
service to limit a user’s access to specific GSS CLI commands. The aaa
authorization commands command applies to the user-level and privileged-level
EXEC mode commands issued on the GSS. The command authorizes all attempts
to enter user-level and privileged-level EXEC mode commands, including global
configuration and interface configuration commands.
To enable TACACS+ authorization for the GSS CLI commands, enter:
gss1.example.com(config)# aaa authorization commands
Use the no form of this command to disable the TACACS+ CLI command
authorization function. For example, enter:
gss1.example.com(config)# no aaa authorization commands
For details about limiting user access to GSS CLI commands from the TACACS+
server, see the
“Configuring Authorization Settings on the TACACS+ Server”
section.