Information
Defines the source of authorization for the commands entered by an administrator/user
Rationale:
Requiring authorization for commands enforces separation of duties and provides least privilege access for specific job roles.
Solution
Run the following to determine the remote the TACACS+/RADIUS servers (server_group_name) as source of authorization and the local database (LOCAL) as fallback method if the remote servers are not available.
hostname(config)# aaa authorization command <server-group_name> LOCAL
This implies that locally, each privilege has its sets of commands configured and username associated just in accordance with the privilege and command definition in the remote servers.