aaa authorization exec Command in Cisco IOS
The aaa authorization exec default
command in Cisco IOS is used to define the authorization method for user EXEC sessions for AAA. The available options for this command include:
cache
: Uses cached-group.group
: Uses a server-group.if-authenticated
: Succeeds if the user has authenticated.krb5-instance
: Uses Kerberos instance privilege maps.local
: Uses the local database.none
: No authorization (always succeeds).
In some IOS versions, the group radius
keywords can be used to specify that the list of all RADIUS servers defined by the aaa group server radius
command should be used for authorization. If the group
keyword is not used, a single configured RADIUS server will be used instead.
To ensure compatibility, verify that your IOS version supports the specific syntax of the aaa authorization exec default
command you intend to use.
Links
https://networklessons.com/cisco/ccie-enterprise-infrastructure/aaa-configuration-cisco-switch/