10-14-2016 01:58 PM
i am trying to configure tacacs management login for cisco nexus 7k switches. my requirement is to restrict the users to issue only show run command but not the config t. I have configured a profile with privilege level 15 which is allowing show run and config t as well. so i have configured a deny action for config t command and still the users are able to issue this command. I tried with privilege level 3 now the show run is not working but the config t is working. Thats kinda weird..Can anyone help me with this ?