TACACS+ users with role TACP-15 fail to access Expert mode on R77.30 Gaia OS

Support Center > Search Results > SecureKnowledge Details

Technical Level

Solution ID	sk108851
Technical Level
Product	Security Gateway, ClusterXL, Cluster - 3rd party, VSX, Security Management, Multi-Domain Management
Version	R77.30
OS	Gaia
Platform / Model	All
Date Created	07-Mar-2016
Last Modified	05-Jun-2018

Symptoms

TACACS+ users with role TACP-15 fail to access Expert mode on R77.30 Gaia OS:
1. TACACS+ user connects to command line on Gaia OS.
2. TACACS+ user successfully logs in to Clish on Gaia OS.
3. TACACS+ user is not able to access Expert mode - after running "expert" command, the shell does not change:
  HostName:0> expert Enter expert password: Warning! All configuration should be done through clish You are in expert mode now. HostName:0>
/var/log/messages file shows only the following messages after running "expert" command in Gaia Clish:
clish[PID]: cmd by admin: Start executing : expert (cmd md5: ...) clish[PID]: cmd by admin: Processing : expert (cmd md5: ...)

Cause

In R77.30 Gaia OS, a change was made that requires to set the privileges for TACACS+ users.

The default privilege level is set to 96 ("set aaa tacacs-servers user-uid 96").

Solution

Note: To view this solution you need to Sign In .