Question : Problem: AAA authorization confguration

I'm configuring a Cisco Access Server for the routers in my network...But I'm confused on what AAA configuration I should use in the router when I'm configuring a helpdesk for minimal router access..For example the I just want the helpdesk just to use sh run and nothing else...But I when I set the max privileges in the Cisco Secure application server to anything below 15, it tells me that the Tacacs+ enable privlieges are too low....Am I'm missing something....Can some give me a sample AAA configuration example for the routers to solve this problem.....I believe I need aaa authorization...Any help would be apprieciated..

Answer : Problem: AAA authorization confguration

Yes, aaa authorization is required, but the command restrictions lies in the ACS server. What version do you have? Have you created a group of commands that are authorized, then applied that command list to the user group?

Alternatively, you can use user privelege levels on the router itself...

username helpdesk pass prive level 3
Then define the commands that priv level 3 can do....

privilege exec level 3 sho run

http://www.cisco.com/en/US/tech/tk59/technologies_tech_note09186a008009465c.shtml

Random Solutions

Problem: Selecting a 32ft + Montior for Group Briefings and Planning

Problem: Scanning as pdf

Problem: WTF's up with my iSCSI network config ???

Problem: HP 2510 Scan Wirelessly

Problem: Using a JVC CU-VD10U dvd burner, keep getting formatting failed error message

Problem: WSUS default WebSite

Problem: External hard disk corrupted

Problem: Dell Server

Problem: Windows 2003 Enterprise - 8-Way Symmetric Multiprocessing

Problem: Network Speed seems slow for Gigabit