TACACS+ user roles and the priv-lvl attribute
The priv-lvl attribute defined on the TACACS+ server results in the following user role assignment on the switch:

priv-lvl | User role assigned | Description |
---|---|---|
Not Set | None (authentication error) | priv-lvl not set, so the user is denied access. |
1 | operators | Map the user to the operators role as TACACS priv-lvl 1. |
2 to 14 | None (authentication error) | User roles 2 to 14 are not available. Users with these roles are denied access. |
15 | administrators | Map the user to the administrators role as TACACS priv-lvl 15. |
19 | auditors | Map the user to the auditors role as TACACS priv-lvl 19. |
<1, or 16, 17, or 18, or >19 | None (authentication error) | Invalid priv-lvl value, so the user is denied access. |
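
A pre-deployment check for the mapping above, added here as an example and not taken from the switch documentation: it reads group blocks from a TACACS+ server configuration and reports which switch role each group would receive, flagging groups that would be denied. The tac_plus-style syntax, the group names and the helper names `role_for` and `audit` are assumptions; the sample configuration is constructed.

```python
import re

# Mapping from the table above: only these three priv-lvl values yield a role.
ROLE_BY_PRIV_LVL = {1: "operators", 15: "administrators", 19: "auditors"}

# Constructed sample in tac_plus-style syntax (assumption: your server may differ).
SAMPLE_CONFIG = """
group = netops {
    service = exec { priv-lvl = 1 }
}
group = netadmins {
    service = exec { priv-lvl = 15 }
}
group = helpdesk {
    service = exec { priv-lvl = 7 }
}
group = contractors {
    service = exec { idletime = 10 }
}
"""

def role_for(priv_lvl):
    """Return the switch role for a priv-lvl, or None when access is denied."""
    return ROLE_BY_PRIV_LVL.get(priv_lvl)

def audit(config_text):
    """Return {group: (priv_lvl or None, role or None)} for every group block."""
    results, group, depth = {}, None, 0
    for line in config_text.splitlines():
        m = re.match(r"\s*group\s*=\s*(\S+)\s*\{", line)
        if m and depth == 0:
            group = m.group(1)
            results[group] = (None, None)  # priv-lvl not set until seen
        lvl = re.search(r"priv-lvl\s*=\s*(-?\d+)", line)
        if lvl and group:
            value = int(lvl.group(1))
            results[group] = (value, role_for(value))
        # Track brace nesting so the group ends at its own closing brace.
        depth += line.count("{") - line.count("}")
        if depth == 0:
            group = None
    return results

if __name__ == "__main__":
    for name, (lvl, role) in audit(SAMPLE_CONFIG).items():
        print(f"{name}: priv-lvl={lvl} -> {role or 'DENIED (authentication error)'}")
```

Groups reported as denied either carry a priv-lvl outside 1, 15 and 19 or have none set, so their users fail authentication on the switch even though the server accepts their credentials.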