set tacacs command

Use this command to enable or disable TACACS+ accounting or authorization on a per-command basis.

Syntax

set tacacs command {accounting | authorization} {enable | disable}

Parameters

accounting \| authorization	Specifies either TACACS+ accounting or authorization to be enabled or disabled.
enable \| disable	Enable or disable accounting or authorization on a per-command basis.

Defaults

None.

Mode

All command modes.

Usage

In order for per-command accounting or authorization by a TACACS+ server to take place, the command must be executed within an authorized session.

When per-command accounting is enabled, the TACACS+ server will log accounting information, such as start and stop times, IP address of the client, and so forth, for each command executed during the session.

When per-command authorization is enabled, the TACACS+ server will check whether each command is permitted for that authorized session and return a success or fail. If the authorization fails, the command is not executed.

Example

This example shows how to enable TACACS+ authorization on a command basis.

System(rw)->set tacacs command authorization enable

Published May 2016prev | next

Email this topic

Print this page Print this page

Leave feedback Feedback