Hi,
I've successfully set up Commands Authorization using RADIUS, and I can permit or deny specific commands through the RADIUS server.
But when I permit the "configure" command, every sub-command gets permitted automatically. So say I want a login to only be able to issue "AAA" commands, I can't do that, because the moment I allow the login to enter configure mode with the CONFIGURE command, they can do IP commands, INTERFACE commands, etc.
Does anyone know if this is normal behaviour or possible a mistake at my end or a bug?
Is a Procurve 5400zl with newest firmware and the RADIUS server is Microsoft NPS 2012.
/Rasmus
#command#authorization