Cannot get restricted command set to work with ACS 5.5 and HP Procurve switches - Can anyone assist?

I have AAA authentication working with no restrictions and I have TACACS working with command restrictions for my Cisco gear.

Hi... I have created a shell profile in Policy Elements -> Authorization and Permissions -> Device Administration -> Shell Profiles which has a assigned privilege level of 15 and a max privilege level of 15.  Further to this I have added a new commands set via Policy Elements -> Authorization and Permissions -> Device Administration -> commands sets. 
I have referenced the shell profile via Access Policies -> Access Services -> Default Device Admin -> Authorization. And this part of it seems to work fine, but the command set I am using to restrict the commands allowed is not being used...do I need to reference the command set somewhere else within the ACS platform as well?  The configuration I have added on to the Network Device is as follows: -
aaa new-model
aaa authentication login default group tacacs+
aaa authentication enable default group tacacs+
aaa authorization config-commands
aaa authorization exec default group tacacs+ local
aaa authorization commands 15 default group tacacs+ none
Can you advise what it is I am missing?

Similar Messages

  • I cannot get my iPad 2 to work with VPN provider.

    I cannot get my iPad 2 to work with my VPN service provider.  Using OS 4.3.3.  iPad purchased in the USA.  Have heard there are issues with iPad 2 and VPN support.  Any suggestions?

    You can try this ... hold down on the sleep button and the power button at the same time for about 10 seconds until you see the Apple logo on the screen, release the buttons and see if the iPad restarts and you can use it.

  • I have an iphone 4S and i cant download apps onto it. Everytime I click to install, the icon appears on the homescreen with 'waiting' under it and then disappears. Can anyone help? Its driving me mental!

    I have an iphone 4S and i cant download apps onto it. Everytime I click to install, the icon appears on the homescreen with 'waiting' under it and then disappears. Can anyone help? Its driving me mental!

    I found this very good
    http://ipadhelp.com/ipad-help/iphone-ipad-apps-stuck-waiting/

  • I cannot get my Logitech webcam to work with Lync for Mac

    I cannot get my Logitech Webcam or Cinema Display facetime webcam to work with MS Lync. Lync always uses the Macbook Pro's standard webcam and does not give any options anywhere to choose between video devices. The same webcam works with GotoMeeting, Viber, Skype and Google Hangout without any problems.
    Does anyone know how I could get it working with Lync for Mac too? I have the Lync for 2011 version 14.0.7.

    Hello.
    Please download the latest Windows 8 drivers from our website.  You can visit the following link to download the drivers:
    http://www.usa.canon.com/cusa/support/consumer/printers_multifunction/pixma_mx_series/pixma_mx410#Dr...
    If these troubleshooting steps do not work, feel free to call us at 1-800-OKCANON.
    Did this answer your question? Please click the Accept as Solution button so that others may find the answer as well.

  • I cannot get my Canon MX410 to work with my new computer. Computer is Acer Aspire One.

    Cannot get my Canon MX410 to connect with my new Acer Aspire One. 

    Hello.
    Please download the latest Windows 8 drivers from our website.  You can visit the following link to download the drivers:
    http://www.usa.canon.com/cusa/support/consumer/printers_multifunction/pixma_mx_series/pixma_mx410#Dr...
    If these troubleshooting steps do not work, feel free to call us at 1-800-OKCANON.
    Did this answer your question? Please click the Accept as Solution button so that others may find the answer as well.

  • Command Sets not working on ACS 5.1

    I'm running ACS 5-1-0-44-3.
    I have everything running properly on ACS 5.1.  I'd like to implement command sets for selected users and groups.  Under Access Policies -> Device Admin-> Authorization I have Command Sets selected.  The cisco provided is DenyAllCommands.  I have this command set running on all groups and every groups is still able to issue any command they wish.  I've also created a "show_only" command set that I've issued one group and they are still able to do conf t or any other command.
    Am I missing something?
    Do you need to reference the command set name under the shell profiles?
    Its my understanding that all you have to do is reference it in "Authorization" in the rules under Device Admin.
    I can understand a custom command set not working because of user error but DenyAllCommands should work.
    Anyone have any ideas?
    I have already re-patched the ACS
    Stopped and started services.
    And it seems like Command Sets is the only not referenced in the logs

    I do it a lot 
    could you paste screnshot of your command set?
    I've recently met another issue,
    with my command set definition as below (as you can see its very simple):
    almost every show is blocked (as suspected) but not "show run" (which is strange for me)

  • I can not get 3D surround sound to work with my X-Fi and headhones please he

    I have an X-Fi Xtrememusic soundcard and I have been unable to get possitional sound working consistantly with two sets of stereo headphones. I have the latest drivers installed and have creative audio console set to: headphones, game mode, CMSS 3D and I still have no possitional sound at all. Noises seem to come from above my head I can't tell right from left or forward from backward in other words I am completely lost as to were sounds are coming from in games. I used to be able to get possistional sound to function by changing headphones in the creative audio console to 2. or 4. speakers.
    If I set the mode to 5. or higher the sounds in games (footsteps, weapons fire) would become heavily muted and hard to hear while I would gain better positional sound for other players and now this does not work at all. I have also tried disabling sync to windows control panel and changing its sound options and there have been no beneifts from doing so. In settings other then stereo headphones no sound was produced at all while others stopped sound coming from one of my headphone speakers. I am at a total loss I can not think of anything thing else to fiddle with.
    My system specs: Athlon 64 4000+ San Diego, ASUS A8N-E mobo, 2GB DDR400 2.5CAS Buffalo ram, EVGA 7800GT CO, X-Fi Xtrememusic. No popping or crackling sound at least. Thank you you reading this.
    <SPAN class=time_text>
    <SPAN class=time_text>
    <SPAN class=time_text>
    Message Edited by Blah-and-Feh on 04-5-2006 :50 PM

    Hay everyone thanks for the advise but i was finally told by one of the support personnel that I actually need the dri've bay insert that comes with the fidelity in order to get the cmss 3d to work with the headphones.
    I only purchased the extreme gamer not the extreme gamer fidelity and that is why i cant get the cmss 3d to work but it still advertises on the box that you can use the cmss 3d and get that feature. :angry:? Should have done homework but i was out Christmas shopping and i went off of what the box advertised. This is very unusual for me to shop compulsi'vely. The funny thing is that everything else on the box that is advertised such as the increase of the CPU and the EAX HD features are able to be used. Im very upset about this because I particularly bought this card for the cmss 3d. I really don't know if i will ever recommend another Creative Product to any of the people i do computer repair or gamer builds for, unless this gets resolved and the only way to resolve this is to get the cmss 3D to work. By the way I did do a full reinstall even with clean boot so that isn't the problem. I'm really upset and ready to return this product to Best Buy unless this can be resolved. Any admin that comes across this please send me any ways of getting a hold of anyone that can help. Tks and hope yall had a wonderful Thanksgiving.
    Creatively toastedMessage Edited by toast on -24-200608:48 PM

  • Cannot get SSH thru DynDNS to work with Leopard

    Hi everyone,
    OK, I have been digging around online for a long time trying to find a clear answer to my problem, and I can't find it anywhere so I figured I would just start a new thread and see if I could get some help.
    I have an iMac connected wirelessly to an Airport Express which is plugged into my cable modem. I would like to be able to SSH into my iMac remotely. I have an account with DynDNS and have installed their daemon program, which detects my external IP fine. With Tiger, SSH and DynDNS worked great -- I regularly used SSH to sync up my school documents. However, with Leopard, I absolutely cannot get it to work. If I ping my DynDNS name or my IP address, it responds, but I cannot portscan my machine or access it in any way. Back To My Work works fine (when it works at all), but I want a solution that will always work with any machine.
    I am not a newbie and know a lot about OS X, but I am not very familiar with networking lingo and have been largely confused by the information I have found online about similar problems. If you have figured out a solution to this problem and can give me a clear explanation, I would love it. I seem to have read somewhere that this required me to set a static IP for my iMac from the Airport, but I haven't been able to figure out how to do that without breaking my internet connection.
    Thanks!
    Alex

    All my macs at home and in my office are running leopard. I have no problem with SSH logins from outside my network using a Dyndns name.
    From the mac that your using to engage the ssh connection use the host command in your terminal app to see if the dyndns name is resolving to the correct IP of your server.
    host dydns.name.org
    If that runs up the correct IP address engage the ssh connection using the IP address.
    If that works then your ssh client is having dns issues
    so engage the connection again with the dyndns name but use a very verbose login so see if it turns up an error
    ssh -vvv dyndns.org
    replace dyndns.org with your actual domain name.

  • I cannot get my home sharing to work with my new PC. I have tried all suggestions from the manuels. Can anyone help?

    i cannot get my homesharing to work with my new PC. Any ideas besides the ones in the manuel

    Yes, I do think it is no longer using PPPoE.. but the IP is configured to the fibre to ethenet or vdsl port.
    You might need to ring the ISP and get them to give you details.
    Anyway it is easy to try.. plug the Extreme WAN port to the new modem and test with dhpc. Check that you get a public not private IP address.

  • I have requested and accepted the most current Firefox program updates with my windows vista system. They are not registering but I am told they are downloaded. Then I cannot get the printer option to work with any version of firefox. in English

    I have taken the firefox updates when offered to 4.4. I have the browser as an aside to Internet Explorer 9 as a backup browser. When I use Firefox I am being told my system is not up to date and I need a newer version. I download the version and keep getting told I am not current with firefox. When Firefox DOES work I cannot get any printer icon or settings to enable and allow the printing of a page. I have to use IE9 to get the printer to work. Using eBay I cannot get the uploading of pictures from my computer to consistently operate even though I use small JPG files under 500KB.

    There are a lot of IntelliTXT like ''ad'' pop-ups possible.
    If your current Adblock Plus filter settings aren't blocking some pop-ups then it is best to take this to the Adblock Plus forum.
    * https://adblockplus.org/forum/
    * http://en.wikipedia.org/wiki/Category:Internet_advertising_services_and_affiliate_networks
    * http://en.wikipedia.org/wiki/IntelliTXT

  • Cannot get Aperture External Editor to work with CS2

    Hi,
    I've been trying to get Aperture to work with CS2 as the External Editor. After setting the Aperture prefs and trying it out, CS2 opens, but goes into an eternal wait state without the picture ever showing up. After this happens, CS2 no longer works correctly by itself, even after a restart. It again goes into an eternal wait state. Reloading CS2 from scratch makes it work OK. I tried again, but alas trying to get CS2 hooked up to Aperture again repeated the problem and I had to reload CS2 yet again to get it working. Any ideas as to what I'm doing wrong or how to get this feature working.
    Charlie Maiorana

    Hi!
    I would suggest the following:
    Insert your Snow Leopard disk, when you are in Windows 7. Install the Bootcamp 3.0 drivers.
    Then restart your computer into Windows 7 and apply the Bootcamp 3.1 update.
    Then, you can try again running Starcraft 2 beta. However, you can not be sure that this beta version
    will be running.
    With regards,
    Dagd

  • I cannot get my DAQPAC 6016 to work with Matlab R14, what driver do I need?

    I've just installed the software necessary to support the DAQPAC 6016 usb device. Using NI software, the hardware appears to operate. However, I cannot get Matlab R14 to work with it at all. The following matlab line fails immediately: AI = analoginput('nidaq', 1);
    I installed the SW and drivers that came with the daqpac which I believe is v7.1 or v7.3 (don't know because I don't have the actual labview).
    I am stuck, where do I go from here?
    Joost

    Joost,
    NI currently has two drivers -- NI-DAQ Traditional (Legacy) and NI-DAQmx Measurement services. NI-DAQmx is the newer driver, and our newest boards are only supported with NI-DAQmx. That being said, the DAQPad 6016 is only supported in NI-DAQmx, and the Matlab DAQ Toolbox currently only supports Traditional DAQ.
    Your solution, at the moment, seems to swtich to another appication development evironment (LabVIEW, LabWindows/CVI, Visual Studio, .NET...)
    Hope this helps,

  • TS3899 Cannot get my shaw email to work with ios8 on iPhone 5c.  Keep getting unable to verify account information

    I have had my shaw email on my phone forever without problem.  updated to ios8 on thursday and today i cannot access it.  Password is correct but kept asking for it and saying it was wrong.  Deleted the account and tried re-adding it and now i get Exchange Account Unable to Verify account information.  I also tried adding it as other and same message.  I went to shaw's info page but they have not updated for ios8 yet.

    Thanks for your reply.  I use Sky email which is managed by google. I have now deleted the account and set it up again and that seems to be working now. I'm still having problems just getting the Internet connection to work. I won't be taking on any more software upgrades in future until I'm sure that they are worth it.

  • I cannot get my Ipod touch to work with my Orange Live Box

    Hello!
    Please help me - this is my second day of trying to resolve this!
    I cannot get my Touch to connect to my Orange (Wanadoo) livebox. I have tried pressing '1' to allow the devices to pair. Doesnt help although the small antennae-like light does not flash on the live box (thought it should!). I have entered the 26 digit WEP key more times than I care to remember. I heard that I should change settings from WPA/WEP to WEP only but cant work out how to do this.
    Very grateful for any assistance.

    Hello and Welcome to Apple Discussions. 
    WEP can be cracked in a few minutes. Try switching to WPA which is mroe secure and isn't finiky about passwords like WEP is.
    mrtotes

  • I cannot get my 8800e-1 to work with isync

    I have the 8800 Arte (Black) the phone id is 8800e-1.
    I am using OSX5 latest version and latest version of iSync
    I cannot get it to regonise my phoen to sync the details.
    I have Nokia connection software which syncs all my itunes and photos brilliant but not my contacts.
    Please can any body help.
    Thanks

    I don't have this phone but the 8800 and the 8801 is listed as supported directly by iSync since 10.4.9.
    Have you paired your phone successfully with your Mac via Bluetooth or are you using only a USB connection?

Maybe you are looking for

  • CONVERT_ABAPSPOOLJOB_2_PDF doesnt prompt to save the filename

    Dear all    Here with this i m getting the spool but CONVERT_ABAPSPOOLJOB_2_PDF doesnt prompt to save the PDF file . Do i need to use GUI_DOWNLOAD along with this .   PlllllZZZZZZ...... suggest     SELECT SINGLE * FROM ZPLH WHERE VBELN = SSORD       

  • Error in connection to SEM, changes will not be saved

    Hi All, When i am creating an opportunity i am getting an error "Error in connection to SEM, changes will not be saved", and it does not allow me to save the opportunity. Regards, Radhika

  • Which browser is best for macbook pro?

    Which browser is best for macbook pro. I have used Safari for a couple of years but have been told recently that I would be better switching to Chrome

  • K9vgm-v multiple monitors

    Hi, I have à k9vgm-v motherboard with a onboard graphic card. I want to have 2 monitor and install à pcie card. Now the pcie card work but the onboard is not working. So I'm still only be able to use one monitor. thanks for your help

  • Dlink wifi dongle issue

    Stops working suddenly. Ping says 'no route to host' in that case. [ 4912.706872] usb 1-5: new high-speed USB device number 8 using ehci-pci [ 4913.103466] usb 1-5: reset high-speed USB device number 8 using ehci-pci [ 4913.580318] ieee80211 phy2: rt