I'm working with a client who recently let go of their network engineer and hired our company to help with managing their network. It appears that the enable password they were given by the engineer as he left is not the actual enable password, which leaves us in a bit of a situation.
Typically, I would just say let's go and reboot the switches and do a password reset, but there are a lot of switches and they're spread out across the country, meaning it's going to be a slog.
They've got a AAA setup in the configuration. I was curious as to whether a user could be somehow elevated on the RADIUS side so that when they logged in, they were already in enable mode.
Just wanted to get thoughts on the subject and see if I'm just delaying the inevitable or if it's feasible.
The authentication order set is local followed by radius, You can find more info on authentication order in the below link.
If the problem persist, Pls open a support case so that our team can review the config and make the necessary changes.