I want to implement CLI authentication via tacacs+ on Cisco ACS 5.3 server. I follow KB17269, and i can successfull auth with Cisco ACS user, but also I can auth with local SRX users (in this time at ACS logs I can see that user "root" is not finded in identity stores, and access denied). But I want to do, that local users can auth only if tacacs+ server is unreachable (like it work in Cisco equipment). Is the any solution?
#SRX#CiscoACS5.x#TACACS+