Exec authorization is supported, but enable still requires
authorization. Without exec authorization enabled, local users can
ssh to the firewall even if they are just set to remote-access. By
enabling exec authorization, this attribute is honored. However, it
does not put the user into enable mode even if they are set
service-type admin.
On Mon, Mar 29, 2010 at 5:48 PM, Edouard Zorrilla <ezorrilla_at_tsf.com.pe> wrote:
> Guys,
>
> Have you see this link :
>
> http://www.aboutcisco.biz/en/US/products/hw/vpndevc/ps2030/products_qanda_ite
> m09186a00805b87d8.shtml#ASAececAuth
>
> Is says that no EXEC Authorization feature is not supported in ASA.
>
> If that is true, why do I have this command :
>
> Rack1ASA10-6-254(config)# aaa authorization exec authentication-server
> ?
>
> Rack1ASA10-6-254(config)# sh ver | i Version
> Cisco Adaptive Security Appliance Software Version 8.3(1)
> Device Manager Version 6.3(1)
> Rack1ASA10-6-254(config)#
>
> I undestant that with this command I should be able to perform exec
> authorization on ASA
>
> Thanks a lot.
>
> Regards
Blogs and organic groups at http://www.ccie.net
Received on Tue Mar 30 2010 - 05:45:55 ART
This archive was generated by hypermail 2.2.0 : Thu Apr 01 2010 - 07:26:36 ART