Manoj Reddy's Reference Guide

Syntax Description

This command has no arguments or keywords.

Defaults

After the aaa authorizationcommandslevelmethod has been issued, this command is enabled by defaultmeaning that all configuration commands in the EXEC mode will be authorized.

Command Modes

Global configuration

Command History

Usage Guidelines

If aaa authorizationcommandslevelmethodis enabled, all commands, including configuration commands, are authorized by AAA using the method specified. Because there are configuration commands that are identical to some EXEC-level commands, there can be some confusion in the authorization process. Using no aaa authorization config-commands stops the network access server from attempting configuration command authorization.

After the no form of this command has been entered, AAA authorization of configuration commands is completely disabled. Care should be taken before entering the no form of this command because it potentially reduces the amount of administrative control on configuration commands.

Use the aaa authorization config-commands command if, after using the no form of this command, you need to reestablish the default set by the aaa authorizationcommandslevelmethod command.

Examples

The following example specifies that TACACS+ authorization is run for level 15 commands and that AAA authorization of configuration commands is disabled:

aaa new-model
aaa authorization command 15 tacacs+ none
no aaa authorization config-commands

Related Commands

Printed for apswan@ctr.ap.nic.in on Wed Mar 5 22:32:57 PST 2003

All material in this document copyright 2000 Cisco Systems, Inc. All rights reserved. No material may be reproduced or distributed without written permission of Cisco Systems, Inc.