Cisco Systems 3.3 Benutzerhandbuch

Use this procedure to specify the shell command authorization set parameters for 
a group. There are four options:

None—No authorization for shell commands.

Assign a Shell Command Authorization Set for any network device—One 
shell command authorization set is assigned, and it applies to all network 
devices.

Assign a Shell Command Authorization Set on a per Network Device 
Group Basis—Enables you to associate particular shell command 
authorization sets to be effective on particular NDGs.

Per Group Command Authorization—Enables you to permit or deny 
specific Cisco IOS commands and arguments at the group level.

This feature requires that you have previously configured a shell command 
authorization set. For detailed steps, see 

.

To specify shell command authorization set parameters for a user group, follow 
these steps:

In the navigation bar, click Group Setup.

The Group Setup Select page opens.

From the Group list, select a group, and then click Edit Settings.

The Group Settings page displays the name of the group at its top.

From the Jump To list at the top of the page, choose TACACS+.

The system displays the TACACS+ Settings table section.

Use the vertical scrollbar to scroll to the Shell Command Authorization Set 
feature area.

To prevent the application of any shell command authorization set, select (or 
accept the default of) the None option.