AAA authorization and control logging show

Hello guys,

I am running IOS 15 on some routers and using ACS version 5.3.0.40.5 for authentication and authorization.

I would like a group of users to be unable to access configuration mode but able to run all show commands.

However, the show logging command doesn't seem to work in user mode.

Ideas or workarounds are welcome.

Thanks in advance.

Does your command set look like the one in the link below for read-only access?

http://www.security-solutions.co.za/Cisco-ACS-5.2-role-based-authentication-authorization-for-different-privilege-levels-configuration-example.html#_Toc299569579

~ BR
Jatin kone

* Do rate helpful posts *

Tags: Cisco Security

Similar Questions

  • CD/DVD drive disappears and event log shows EventID 9 [Qualifiers] 49156 then EventID 12 [Qualifiers] 49152

    Vista Ultimate SP 2 using Dell XPS Studio 420.

    Dell support has been useless after several visits there replacement DVD player twice and destroy several Roxio Creator installs.  This problem seems related to a sort of better power management problem that I can determine.

    When the problem arises that the system hangs for 30 seconds, then the DVD player to a disappeared from my computer.  Once the map his farm work as well.  A reboot of the system always restores these problems but then some time later they breed.  This problem occurs quite often a few times several times a day.  Here's the event log entries complete:

    - System
      - Provider [Name] iaStor
      - EventID 9 [Qualifiers] 49156
        Level 2
        Task 0
        Keywords 0x80000000000000
      - TimeCreated [SystemTime] 2010-04-27T01:59:20.881Z
        EventRecordID 144570
        Channel System
        Computer
        Security
    - EventData
        \Device\Ide\iaStor0
        0F0005000100000000000000090004C00100000000000000000000000000000000000000000000000000000000

    - System
      - Provider [Name] PlugPlayManager
      - EventID 12 [Qualifiers] 49152
        Level 2
        Task 0
        Keywords 0x80000000000000
      - TimeCreated [SystemTime] 2010-04-27T01:59:52.000Z
        EventRecordID 144571
        Channel System
        Computer
        Security
    - EventData
        HL-DT-ST BD-RE BH20N
        IDE\CdRomHL-DT-ST_BD-RE__BH20N___C105___\4&369efe6a&0&0.2.0
        00000000

    Additional information from http://www.intel.com/support/chipsets/imsm/sb/CS-025783.htm

    "Timeout errors reported by iastor or iastor (v) in the Microsoft Event Viewer.

    "A change was made by Microsoft in the Windows Vista installation process. The result of this change is that the register Intel® Matrix Storage Manager LPM parameters which were intended for mobile installations are added for both office facilities. These LPM registry settings are added to both the RAID Intel® Matrix Storage Manager driver on the installation Windows Vista, as well as for all the added drivers disc during installation.

    Serial ATA desktop devices such as hard drives and CD/DVD drives have been reported that do not comply with the specification Serial ATA LPM and display erratic behavior when LPM is enabled.

    Because changing the configuration means that LPM is enabled by default for all Windows Vista platforms, using a device that does not completely respect the specifications may cause one of the problems listed."

    I'm at Version 8.6 Intel Matrix Storage console well beyond the recommended version to solve this problem.

    Other research indicates that a registery hack is needed to solve this problem because the Intel driver is not yet certified (?).  The question is why a laptop power management setting is defined in a desktop computer.  It seems that these registry settings cause the hangs and the loss of the DVD player.  See http://derek858.blogspot.com/2009/01/windows-7-intel-sataahci-lockups.html

    The registry entries are for all ports are: [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\iaStor\Parameters\Portx] "LPMDSTATE" = DWORD: 00000001 must be zero.  I have not yet tried it.

    Chris,

    Yes, the problem has not reoccured since the installation of the latest Intel Matrix Console now known as Intel Rapid Storage Technology (RST) v9.6.0.1014.  I ran for ten days with the plague of your Player DVD which disappears and the EventID 9 [qualification] 49156 log records.  It seems to identify iastor.sys with this version of the code as the fixer of the problem and the culprit in earlier versions.  I don't see anything on the Intel site that explains the difficulty.  One would think that they could speak and help those who have the same problem.

    Thanks to all who helped.

    Dave

  • I am not able to browse the network. The workstation services and control of browser will not start. The event log shows the workstation service terminated with error code 2250.

    Internet, not able to browse computers on the network

    The computer has internet access, but I am not able to browse the network. The workstation services and control of browser will not start. The event log shows the workstation service terminated with error code 2250. Also in the event log Workstation reports: could not load RDR device driver. Cannot run the sfc in safemode, gives the 0x000006ba error, the rpc server is unavailable. Runs under normal windows, noticed in the registry last run: 0x000003e3 error code (try adding c:\windows\system32\drivesr\i81xnt5.sys to the dllcache)

    I'm puzzled.

    Hello

    I suggest you to send your request in the below link.

    http://social.technet.Microsoft.com/forums/en-us/itproxpsp/threads

  • My control panel shows only one user, but when I start it shows two users on the logon screen. and I know no other password

    My control panel shows only one user, but when I start it shows two users on the logon screen. My user is an administrator. But I do not know password of another user. I am currently using as an administrator. But I also want other user password. Answer please

    Your machine has only two accounts: admin and guest. I saw a few messages before which the poster makes an additional account on the log on screen that does not exist. Since there is not, it cannot be used.

    Also note that you play a game at high risk, having only one administrator account. This forum deals daily with posters including one and only the admin account went bad for one reason or other. Something about it now while you can: create, test, and document a spare, even admin account that you have a spare emergency House key.

  • EM Database Control & LSNRCTL shows contradictory information about logging

    Hi all

    I was taking a look at EM Database Control, to the title of the page 'Net Services Administration', 'Registration & Tracing' tab, the "logging Disabled radio button is checked." And the "Log file" filed shows "D:\app\Asus\product\11.2.0\dbhome_1\network\log\LISTENER.log" as default.

    But when I check with lsnrctl, it shows as follows:
    LSNRCTL> show log_status
    Connecting to (DESCRIPTION=(ADDRESS=(PROTOCOL=IPC)(KEY=EXTPROC1521)))
    LISTENER parameter "log_status" set to ON
    The command completed successfully
    LSNRCTL> show log_file
    Connecting to (DESCRIPTION=(ADDRESS=(PROTOCOL=IPC)(KEY=EXTPROC1521)))
    LISTENER parameter "log_file" set to d:\app\asus\diag\tnslsnr\Jeff-PC\listener\alert\log.xml
    The command completed successfully
    LSNRCTL>

    Oracle Net Manager indicates that logging is on, but I do not see the path of the log file full & name, such that the field is disabled.

    I'm so fair to conclude as follows?
    1. There is a bug in the EM Database Control, on the State of the listener logging
    2. The new default path and name of the listener log file is now %ORACLE_BASE%\diag\tnslsnr\Jeff-PC\listener\alert\log.xml, and %ORACLE_BASE%\product\11.2.0\dbhome_1\network\log\LISTENER.log is no longer valid.

    Please don't advice, because my experience is mainly on Oracle 10 g. Thank you much in advance.

    Salvation;

    Can I know how to close this thread? I tried searching for close in the FAQ, but found nothing.

    You can close this thread as changed status thread answer ;)

    Respect of
    HELIOS

  • When I try to view my devices to Control Panel/hardware and Sound/devices and printers, he treats forever and does not show the devices.

    When I try to view my devices to Control Panel/hardware and Sound/devices and printers.  It treats forever and does not show the devices.  I need help!


    Original title: device and Printers window
    There could be various reasons why the window devices and printers stalls. All the control points are listed here.
  • On windows 8 CC stopped working and install new show no programs control panel CC

    Hello

    For several weeks, I tried to update my programs since the CC Control Panel, but when I open the CC table it opens but shows not all programs. Please see this file that shows a WHITE Panel: http://magnetart.com/CCPanelBlank.jpg.

    I use Windows 8 on an HP laptop. Before today, I've updated my CC on 11 August 2013 and CC had worked before my problems in mid-December.  Here's what I've done so far:

    1. Downloaded the latest CreativeCloudSet file - Up.exe on 28/12/13; installed and still no show of the CC Control Panel programs
    2. sent an email to support CC (but received no reply)
    3. Today, I opened the CC table - and still no programs have shown
    4. uninstalled CC in my task manager
    5. downloaded and intsalled the last CreativeCloudSet - Up.exe today
    6. run the file CreativeCloudSet - Up.exe "again" and appeared to install, BUT at the opening of the CC Panel - I AI No. PROGRAMS ACCUSE AGAIN.

    My end of subscription in March - my renewal notice begins Jan. 24 - according to me, I need to get this problem resolved before renewing. My products will work after January 24? I have sent numerous emails to another area of support, but received no answers.

    It is interesting to note that I am successfully able to run the application on my Windows 8 HP PC CC. It shows all the intstalled apps and applications that are available for download.

    Best regards for any help on this problem.

    Karen

    This issue has been resolved via the Adobe support Chat option!

    NOTE TO SELF: read the forum posts and try to solve the problem. When this does not work, use the Adobe Chat support. I just managed to solve the problem in less than 10 minutes.

    When all else fails I suggest that others use chat support!

    Karen

  • I am unable to log in with TACACS+ after adding the aaa authorization network command

    Hello

    I was testing AAA authentication on a switch when it cannot communicate with ISE, and I found a strange behaviour. After I added the aaa authentication, authorization and accounting commands and reloaded the switch, I was not able to log in to the switch with the TACACS+ login.

    The switch kept cycling: it showed the banner, gave the authentication failure message 3 times, and then the cycle began again with the banner and the failure message.

    I removed the aaa authorization network command and reloaded the switch, and I was able to log in successfully.

    Could someone help me with this problem?

    Hi Nitesh-

    This command (... aaa authorization network) has nothing to do with the admin authorization on the n basis (in this case, the switch). This command applies to the network connections such as PPP, SLIP, etc.

    In addition, aaa authorization can be performed by RADIUS and not only TACACS+. RADIUS is not too powerful and you can provide authorization command sets but you can always return roles and different levels of privilege.

    Have you tested the above configuration syntax? I did and it works as expected!

    Thanks for rating helpful posts!

  • AAA authorization fails, but still command is executed...

    Hello world

    I've implemented command authorization and it basically works. The user can only use a limited set of commands (show int status, conf t, interface ethernet, interface gigabitethernet, interface fastethernet, shutdown, no shutdown).

    Now, I'm trying to configure a loopback or Vlan interface, which should not be allowed.

    COMMANDS IN PLACE:

    aaa authorization config-commands
    aaa authorization commands 0 vty group tacacs+ none
    aaa authorization commands 1 vty group tacacs+ none
    aaa authorization commands 15 vty group tacacs+ none

    line vty 0 15
     authorization commands 0 vty
     authorization commands 1 vty
     authorization commands 15 vty

    COMMAND AND THE OUTPUT FROM THE TESTS:

    SWITCH(config)#int vlan 2
    Command authorization failed.

    DEBUG AAA AUTHORIZATION:

    SWITCH#

    Dec  7 14:31:50: AAA: parse name=tty1 idb type=-1 tty=-1
    Dec  7 14:31:50: AAA: name=tty1 flags=0x11 type=5 shelf=0 slot=0 adapter=0 port=1 channel=0
    Dec  7 14:31:50: AAA/MEMORY: create_user (0x46603F4) user='USER1' ruser='SWITCH' ds0=0 port='tty1' rem_addr='10.10.255.249' authen_type=ASCII service=NONE priv=15 initial_task_id='0', vrf= (id=0)
    Dec  7 14:31:50: tty1 AAA/AUTHOR/CMD (60725991): Port='tty1' list='SCA' service=CMD
    Dec  7 14:31:50: AAA/AUTHOR/CMD: tty1 (60725991) user='USER1'
    Dec  7 14:31:50: tty1 AAA/AUTHOR/CMD (60725991): send AV service=shell
    Dec  7 14:31:50: tty1 AAA/AUTHOR/CMD (60725991): send AV cmd=interface
    Dec  7 14:31:50: tty1 AAA/AUTHOR/CMD (60725991): send AV cmd-arg=Vlan
    Dec  7 14:31:50: tty1 AAA/AUTHOR/CMD (60725991): send AV cmd-arg=2
    Dec  7 14:31:50: tty1 AAA/AUTHOR/CMD (60725991): send AV cmd-arg=<cr>
    Dec  7 14:31:50: tty1 AAA/AUTHOR/CMD (60725991): found list "SCA"
    Dec  7 14:31:50: tty1 AAA/AUTHOR/CMD (60725991): Method=tacacs+ (tacacs+)
    Dec  7 14:31:50: AAA/AUTHOR/TAC+: (60725991): user=User1
    Dec  7 14:31:50: AAA/AUTHOR/TAC+: (60725991): send AV service=shell
    Dec  7 14:31:50: AAA/AUTHOR/TAC+: (60725991): send AV cmd=interface
    Dec  7 14:31:50: AAA/AUTHOR/TAC+: (60725991): send AV cmd-arg=Vlan
    Dec  7 14:31:50: AAA/AUTHOR/TAC+: (60725991): send AV cmd-arg=2
    Dec  7 14:31:50: AAA/AUTHOR/TAC+: (60725991): send AV cmd-arg=<cr>
    Dec  7 14:31:50: AAA/AUTHOR (60725991): Post authorization status = FAIL
    Dec  7 14:31:50: AAA/MEMORY: free_user (0x46603F4) user='USER1' ruser='SWITCH' port='tty1' rem_addr='10.10.255.249' authen_type=ASCII service=NONE priv=15


    As you can see, the answer from the TACACS server is a "FAIL", but the command is still executed.

    RESULT:

    SWITCH#sh run int vlan 2
    Building configuration...

    Current configuration : 38 bytes
    !
    interface Vlan2
     no ip address
    end

    QUESTION:

    I don't understand what the problem is... Since I get a FAIL from the TACACS server, I guess that the configuration on that side is fine.

    But why does the switch ignore a FAIL and still run the command? The same problem exists with the loopback interface.

    Is it just me not understanding the basic concept of AAA, or is it another problem?

    The switch is a Cisco WS-C3750-24TS (running c3750-ipbasek9-mz.122-50.SE2.bin).

    The TACACS server is running Cisco Secure ACS 4.2.0.124.

    Thank you

    Tom

    Hi Tom,

    It's CSCtd49491: TACACS+ command authorization failed for the configuration of the interface.

    The bug is currently in a closed state, which means that the "bug report is valid, but a conscious decision has been made not to fix it at all or in all releases."

    As far as I know, the impact is rather limited, given that the interface that is created has no effect unless the vlan exists, and even in this case, the effect is minimal since it cannot be configured.

    You can open a TAC case or work with your account team to get the bug reopened if it is still a matter of concern.

    HTH

    Herbert

  • AAA Authorization % failed.

    Even though my credentials are accepted in ACS, authorization fails. Does anyone have any idea what it could be?

    (Unauthorized use is not permitted)

    username: tparrilha

    password:

    % Authorization failed.

    Debug aaa logs

    *May  2 09:48:30.840: AAA/AUTHOR/EXEC(00000026): Authorization FAILED
    *May  2 09:48:41.612: AAA/BIND(00000027): Bind i/f
    *May  2 09:48:41.612: AAA/AUTHEN/LOGIN (00000027): Pick method list 'default'
    *May  2 09:48:45.440: AAA/AUTHOR (0x27): Pick method list 'default' - FAIL
    *May  2 09:48:45.456: AAA/AUTHOR/EXEC(00000027): Authorization FAILED

    aaa new-model
    !
    aaa group server tacacs+ Bainet
     server 172.20.244.10
    !
    aaa authentication fail-message ^CCCC sorry the password is wrong ^C
    aaa authentication login default group Bainet local
    aaa authentication enable default group Bainet enable none
    aaa authorization config-commands
    aaa authorization exec default group Bainet local
    aaa authorization commands 1 default group Bainet local
    aaa authorization commands 2 default group Bainet local
    aaa authorization commands 3 default group Bainet local
    aaa authorization commands 4 default group Bainet local
    aaa authorization commands 5 default group Bainet local
    aaa authorization commands 6 default group Bainet local
    aaa authorization commands 7 default group Bainet local
    aaa authorization commands 8 default group Bainet local
    aaa authorization commands 9 default group Bainet local
    aaa authorization commands 10 default group Bainet local
    aaa authorization commands 11 default group Bainet local
    aaa authorization commands 12 default group Bainet local
    aaa authorization commands 13 default group Bainet local
    aaa authorization commands 14 default group Bainet local
    aaa authorization commands 15 default group Bainet local
    aaa authorization configuration default group Bainet
    aaa accounting send stop-record authentication failure
    aaa accounting exec default
     action-type start-stop
     group Bainet
    !
    aaa accounting commands 0 default
     action-type start-stop
     group Bainet
    !
    aaa accounting commands 1 default
     action-type start-stop
     group Bainet
    !
    aaa accounting commands 2 default
     action-type start-stop
     group Bainet
    !
    aaa accounting commands 3 default
     action-type start-stop
     group Bainet
    !
    aaa accounting commands 4 default
     action-type start-stop
     group Bainet
    !
    aaa accounting commands 5 default
     action-type start-stop
     group Bainet
    !
    aaa accounting commands 6 default
     action-type start-stop
     group Bainet
    !
    aaa accounting commands 7 default
     action-type start-stop
     group Bainet
    !
    aaa accounting commands 8 default
     action-type start-stop
     group Bainet
    !
    aaa accounting commands 9 default
     action-type start-stop
     group Bainet
    !
    aaa accounting commands 10 default
     action-type start-stop
     group Bainet
    !
    aaa accounting commands 11 default
     action-type start-stop
     group Bainet
    !
    aaa accounting commands 12 default
     action-type start-stop
     group Bainet
    !
    aaa accounting commands 13 default
     action-type start-stop
     group Bainet
    !
    aaa accounting commands 14 default
     action-type start-stop
     group Bainet
    !
    aaa accounting commands 15 default
     action-type start-stop
     group Bainet
    !
    aaa accounting network default
     action-type start-stop
     group Bainet
    !
    aaa accounting connection default
     action-type start-stop
     group Bainet
    !
    aaa accounting system default
     action-type start-stop
     group Bainet

    ip tacacs source-interface FastEthernet0/0.1
    tacacs-server host 192.168.110.1 single-connection
    tacacs-server directed-request
    tacacs-server key 7 11485807161B4A0E0524282B6972

    #show ver

    RT-NAMIBE-NEBS#show version
    Cisco IOS Software, 2800 Software (C2800NM-ADVENTERPRISEK9_IVS_LI-M), Version 12.4(24)T4, RELEASE SOFTWARE (fc2)
    Technical Support: http://www.cisco.com/techsupport
    Copyright (c) 1986-2010 by Cisco Systems, Inc.
    Compiled Fri 03-Sep-10 05:39 by prod_rel_team

    ROM: System Bootstrap, Version 12.4(13r)T, RELEASE SOFTWARE (fc1)

    RT-NAMIBE-NBE uptime is 12 weeks, 5 days, 23 hours, 56 minutes
    System returned to ROM by power-on
    System image file is "flash:c2800nm-adventerprisek9_ivs_li-mz.124-24.T4.bin"

    After the debug message *May 2 09:48:45.440: AAA/AUTHOR (0x27): Pick method list 'default' - FAIL* the control will be passed to TACACS. We do not have that log, so we cannot see why the TACACS authorization failed. Looking at your configuration, it's clear that you expect then question the user only if password enable priv-lvl = 15 is not currently configured on ACS for the user/group.

    Could you also remove single-connection from the command listed below and try again.

    tacacs-server host 192.168.110.1 single-connection

    In case it does not work, send the full output of the following debugs if possible.

    debug aaa authentication
    debug aaa authorization
    debug tacacs authentication
    debug tacacs authorization
    debug tacacs events

    Jatin kone

    -Do rate helpful posts-

  • The family safety activity log shows no data for Facebook

    Original title: Family Safety + Chrome + Facebook

    The latest version of Live Essentials is installed on Windows 7

    Parental controls will not register the Chrome Facebook activity.
    I see in the activity that children use, for example, 0.5 hours of chrome, but there is no granular information.
    My daughter spent 2 hours on Facebook and the Family Safety activity log shows no data to Facebook.
    The computer is a new installation of Windows 7
    Live essentials have been installed yesterday.
    All web links for accounts for children have been created yesterday
    Does anyone have a suggestion on how to see real activity?
    Also, before someone suggests using another browser, is not an option, IE is uninstalled.
    Chrome is the only browser used because of all the android devices, we have.
    Thank you

    Client Windows Live Family Safety currently not reported HTTPS traffic unless the web of the child, filtering mode is set to "notify on the adult.  Facebook who worked in HTTP mode has recently moved that the HTTPS site and that's the reason to not see, Facebook or any other site that is HTTPS in the progress report on Windows 7 machines.

    It is resolved in Windows 8 and activity reports should show HTTPS traffic.

    Current work around that for Windows 7 client

    -Set the mode of web filtering to ' warn on adult "- child will receive a warning message if they go to all the adult sites and the parents will be informed in the annual report if the child decides to go to the site.

    Sorry for the inconvenience.

    Thank you

    Shankar

  • When I move a JPEG in a folder is no longer visible and he always shows as jpeg.

    Note: I can't delete it or change the name... says access denied... and I am the administrator of my computer.

    In addition, some art work that I save as a jpg file of paint... not even in a folder does not show the image, but shows that it is there.

    Unable to modify or delete either. And have lost access to view and/or print.

    I have thousands of photos and it affects only about 30 in my photo folder.

    Thanks for the help

    Hello

    Follow these steps and check if it solves the problem:

    a. log in the computer with an account that has administrative credentials. If you are running Microsoft Windows XP Home Edition, you must start the computer in safe mode, and then log on with an account that has administrative rights to access the Security tab.
    b. If you are using Windows XP Professional, you must disable Simple file sharing.
    c. right click on the file/folder you want to take control and then click Properties.
    d. click on the Security tab and then click OK on the security message (if one appears).
    e. click Advanced and then click the owner tab.
    f. in the name list, click your user name, click Administrator, if you are logged in as administrator, or click the Administrators group. If you want to take ownership of the contents of this folder, select the Replace owner of subcontainers and objects to check.
    g. click OK and then click Yes when you receive the following message is displayed:
    You are not allowed to read the contents of directory folder_name. Do you want to replace the the directory permissions with permissions granting you full control?
    All permissions will be replaced if you press Yes.
    h. click OK, and then reapply the permissions and security settings that you want for the folder and its contents.

    Also see this article:

    "Access denied" error message when you try to open a folder
    http://support.Microsoft.com/kb/810881

    Kind regards
    Afzal Taher
    Microsoft technical support engineer

  • The event log shows event 11 atapi: the driver has detected an error in the controller on \Device\Ide\IdePort1

    Intermittent crashes. The event log shows event 11 atapi: the driver has detected an error in the controller on \Device\Ide\IdePort1. How can I find this device? This is probably a hardware problem?

    I look at intermittent crashes, where my cursor becomes an hourglass and the system does not yet meet the ctrl-alt-delete.  In the case of a newspaper, I find

    Event 11 atapi: the driver has detected an error in the controller on \Device\Ide\IdePort1.

    How can I determine which physical devices this is associated?  This indicates a hardware problem, or driver or firmware may be the source? The system has worked very well for a few years.  I'm not aware of any change in software that took place recently, although I have had by force, remove and reinstall iTunes earlier.

    I run SMART on all players controls and run diagnostics.  I ran chkdsk on the one I found the culprit, but not mistakes.

    Just in case it was a deadlock linked to memory, I tried to use the Diagnostics memory Microsoft on floppy, but it would not write on the disk (even if I could format and copy the files freely).

    Hello

    Go to your configuration and see which drive is for each port; 1,2,3,4...

    Then go to the Device Manager and look at how many SATA controller you have and how many ports for each, then start count from 0 to IdePort0, 1, 2, etc. for each SATA controller, so if you have 4 ports for each SATA controller, here is how you came from:

    IdePort0 1 -, 2 - IdePort1, 3 car - IdePort2 and road 4 - IdePort3 in the order of road by car

    I hope it helps

  • ACS - ASA authorization and accounting

    Hello

    I have a few questions about the authorization and accounting on the ASA via an ACS server

    1. When I enable the command 'aaa authorization command' for SSH users I get locked out on the console, so I have to configure console, telnet and enable to be authenticated via TACACS too. Is it possible to authorize SSH via TACACS while keeping console and telnet authenticated locally, or even with no authentication?
    2. I configured the command 'aaa accounting command TAC' on the ASA, but I noticed that ACS records only configuration-mode commands at privilege 15, not show commands or privilege 1 commands. Is it possible to fix this?
    3. Does RADIUS support SHELL authorization?

    Thank you for your support

    1.] Unfortunately, it is currently not possible to exclude serial/console or ssh users from command authorization while having it apply to other methods of access in the case of the ASA. Once you run this command, it is applicable to all methods such as ssh, telnet, http, enable and console. This can be easily achieved on IOS (routers and switches) by creating a method list.

    2.] When configuring the aaa accounting command, each command other than show commands entered by an administrator is recorded and sent to the accounting server or servers. This is the default behavior on the ASA. IOS sends/checks show commands with ACS/TACACS.

    http://www.Cisco.com/en/us/docs/security/ASA/asa81/command/ref/A1.html

    Kind regards

    Jousset

    -Do rate helpful posts-

  • AAA authorization problem

    I have the following Setup on my way...

    aaa new-model
    aaa authentication login default group tacacs+ local
    aaa authentication login CONSOLE line
    aaa authorization config-commands
    aaa authorization exec default group tacacs+ local
    aaa authorization commands 1 default group tacacs+ if-authenticated
    aaa authorization commands 10 default group tacacs+ if-authenticated
    aaa authorization commands 15 default group tacacs+ if-authenticated

    The problem is that when I log into the switch through the console port and enter these commands, I instantly get "Command authorization failed" on all commands. It's mind-boggling because there is no possible way that the switch is talking to my Cisco ACS. I have not yet put in the tacacs-server key. I have to restart the box every time. What am I missing?

    Thank you for your time. I use IOS Version 12.2(25)SEB4.

    -Andrew

    Hello

    Before proceeding with the TACACS configuration, create a local user.

    Add the following commands.

    username cisco password cisco
    aaa new-model
    aaa authentication login default group tacacs+ local
    aaa authorization commands 1 default group tacacs+ if-authenticated
    aaa authorization commands 15 default group tacacs+ if-authenticated
    aaa authorization config-commands
    tacacs-server host x.x.x.x
    tacacs-server key ...

    Please mark me if it helps you
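
The ASA answer above says IOS can limit command authorization to particular access methods with a method list, and the last thread shows a console session running into authorization lists that are all named `default`. A sketch of the named-list approach, added here as an illustration and not taken from any poster's configuration; the list names VTY-LOGIN, VTY-EXEC and VTY-CMD, the local account name and the values in angle brackets are assumptions:

```text
! Constructed example. List names, the account name and <...> values are
! placeholders; x.x.x.x is the TACACS+ server address as on the page.
!
! A local account with a hashed secret, so there is always a way in.
username admin privilege 15 secret <local-secret>
!
aaa new-model
!
! Authentication: the default list (used by the console) stays local;
! the named list tries TACACS+ first and falls back to local.
aaa authentication login default local
aaa authentication login VTY-LOGIN group tacacs+ local
!
! Authorization: named lists only. No "default" authorization list is
! defined, so a line that does not reference a named list is not subject
! to exec or command authorization.
aaa authorization exec VTY-EXEC group tacacs+ local
aaa authorization commands 1 VTY-CMD group tacacs+ if-authenticated
aaa authorization commands 15 VTY-CMD group tacacs+ if-authenticated
aaa authorization config-commands
!
tacacs-server host x.x.x.x
tacacs-server key <shared-key>
!
! The console references no named list: local login, no command authorization.
line con 0
!
! Remote sessions are the only lines bound to the TACACS+ lists.
line vty 0 15
 login authentication VTY-LOGIN
 authorization exec VTY-EXEC
 authorization commands 1 VTY-CMD
 authorization commands 15 VTY-CMD
```

Leave the change unsaved until both a new remote login and the console have been tested; a reload then restores the previous configuration if something is wrong.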
