Enabling And Disabling Command Authorization Verification - Cisco Nexus 9000 Series Configuration Manual

Configuring TACACS+
Note You must send correct commands for authorization or else the results may not be reliable.
Note The test command uses the default (non-console) method for authorization, not the console method.
Before you begin
Enable TACACS+.
Ensure that you have configured command authorization for the TACACS+ servers.
SUMMARY STEPS
1. test aaa authorization command-type {commands | config-commands} user username command
command-string
DETAILED STEPS
Command or Action
Step 1 test aaa authorization command-type {commands |
config-commands} user username command
command-string
Example:
switch# test aaa authorization command-type
commands
user TestUser command reload
Related Topics

Enabling and Disabling Command Authorization Verification

You can enable and disable command authorization verificaiton on the command-line interface (CLI) for the
default user session or for another username.
Note
The commands do no execute when you enable authorization verification.
SUMMARY STEPS
1. terminal verify-only [username username]
Enabling TACACS+ , on page 73
Configuring Command Authorization on TACACS+
Configuring User Accounts and RBAC
Cisco Nexus 9000 Series NX-OS Security Configuration Guide, Release 9.x
Enabling and Disabling Command Authorization Verification
Purpose
Tests a user's authorization for a command on the
TACACS+ servers.
The commands keyword specifies only EXEC commands
and the config-commands keyword specifies only
configuration commands.
Put double quotes (") before and after the
Note
command-string argument if it contains spaces.
Servers, on page 90
93