I manage to authenticate fine, but when it tries to authorize - it seems to never use the TACMEMBER attribute;
544: 14:23:18.679 a/64030000: New session
544: 14:23:18.679 a/00000364: ---<start packet>---
544: 14:23:18.679 a/00000364: key used:
544: 14:23:18.679 a/00000364: version: 192, type: 1, seq no: 1, flags: unencrypted
544: 14:23:18.679 a/00000364: session id: 00000364 data length: 38
544: 14:23:18.679 a/00000364: AUTHEN/START, priv_lvl=0
544: 14:23:18.679 a/00000364: action=login (1)
544: 14:23:18.679 a/00000364: authen_type=ascii (1)
544: 14:23:18.679 a/00000364: service=login (1)
544: 14:23:18.679 a/00000364: user_len=6 port_len=3 rem_addr_len=13
544: 14:23:18.679 a/00000364: data_len=8
544: 14:23:18.679 a/00000364: user (len: 6): callum
544: 14:23:18.679 a/00000364: 0000 63 61 6c 6c 75 6d callum
544: 14:23:18.679 a/00000364: port (len: 3): ssh
544: 14:23:18.679 a/00000364: 0000 73 73 68 ssh
544: 14:23:18.679 a/00000364: rem_addr (len: 13): 120.136.2.115
544: 14:23:18.679 a/00000364: 0000 31 32 30 2e 31 33 36 2e 32 2e 31 31 35 120.136. 2.115
544: 14:23:18.679 a/00000364: data (len: 8): cb5235cb
544: 14:23:18.679 a/00000364: 0000 63 62 35 32 33 35 63 62 lol
544: 14:23:18.679 a/00000364: ---<end packet>---
544: 14:23:18.679 a/64030000: authen: hdr->seq_no: 1
544: 14:23:18.679 a/64030000: looking for user callum realm default
544: 14:23:18.679 a/64030000: user lookup failed
544: 14:23:18.706 0/00000000: creating user callum in realm default
544: 14:23:18.706 a/64030000: looking for user callum realm default
544: 14:23:18.706 a/64030000: cfg_get: checking user/group callum, tag (NULL)
544: 14:23:18.706 a/64030000: cfg_get: checking user/group core-rw, tag (NULL)
544: 14:23:18.706 a/64030000: cfg_get: checking user/group read-write, tag (NULL)
544: 14:23:18.706 a/64030000: user lookup succeded
544: 14:23:18.706 a/64030000: cfg_get: checking user/group callum, tag (NULL)
544: 14:23:18.706 a/64030000: cfg_get: checking user/group core-rw, tag (NULL)
544: 14:23:18.706 a/64030000: cfg_get: checking user/group read-write, tag (NULL)
544: 14:23:18.706 a/64030000: cfg_get: checking user/group callum, tag (NULL)
544: 14:23:18.706 a/64030000: cfg_get: checking user/group core-rw, tag (NULL)
544: 14:23:18.706 a/64030000: cfg_get: checking user/group read-write, tag (NULL)
544: 14:23:18.706 a/64030000: cfg_get: checking user/group callum, tag (NULL)
544: 14:23:18.706 a/64030000: cfg_get: checking user/group core-rw, tag (NULL)
544: 14:23:18.706 a/64030000:
cal...@120.136.2.115: ACL entire-network line 57: NAS "14.1.32.11" <=> "all"
544: 14:23:18.706 a/64030000:
cal...@120.136.2.115: ACL entire-network: Timespec matched (unrestricted)
544: 14:23:18.706 a/64030000:
14.1.32.11: ascii login for 'callum' from 120.136.2.115 on ssh succeeded
544: 14:23:18.706 a/64030000: Writing AUTHEN/PASS size=18
544: 14:23:19.963 b/00000000: cidr match level 0 = all
544: 14:23:19.964 b/2e730000: New session
544: 14:23:19.964 b/0000732e: ---<start packet>---
544: 14:23:19.964 b/0000732e: key used: lol
544: 14:23:19.964 b/0000732e: version: 192, type: 2, seq no: 1, flags: unencrypted
544: 14:23:19.964 b/0000732e: session id: 0000732e data length: 58
544: 14:23:19.964 b/0000732e: AUTHOR priv_lvl=1 authen=1 method=tacacs+ (6) svc=1
544: 14:23:19.964 b/0000732e: user_len=6 port_len=3 rem_addr_len=13 arg_cnt=2
544: 14:23:19.964 b/0000732e: user (len: 6): callum
544: 14:23:19.964 b/0000732e: 0000 63 61 6c 6c 75 6d callum
544: 14:23:19.964 b/0000732e: port (len: 3): ssh
544: 14:23:19.964 b/0000732e: 0000 73 73 68 ssh
544: 14:23:19.964 b/0000732e: rem_addr (len: 13): 120.136.2.115
544: 14:23:19.964 b/0000732e: 0000 31 32 30 2e 31 33 36 2e 32 2e 31 31 35 120.136. 2.115
544: 14:23:19.964 b/0000732e: arg[0] (len: 13): service=shell
544: 14:23:19.964 b/0000732e: 0000 73 65 72 76 69 63 65 3d 73 68 65 6c 6c service= shell
544: 14:23:19.964 b/0000732e: arg[1] (len: 13): cmd=configure
544: 14:23:19.964 b/0000732e: 0000 63 6d 64 3d 63 6f 6e 66 69 67 75 72 65 cmd=conf igure
544: 14:23:19.964 b/0000732e: ---<end packet>---
544: 14:23:19.964 b/2e730000: Start authorization request
544: 14:23:19.981 0/00000000: creating user callum in realm default
544: 14:23:19.981 b/2e730000: cfg_get: checking user/group callum, tag (NULL)
544: 14:23:19.981 b/2e730000: user 'callum' found
544: 14:23:19.981 b/2e730000: cfg_get: checking user/group callum, tag (NULL)
544: 14:23:19.981 b/2e730000:
cal...@14.1.32.11: not found: svcname=shell@all cmd=configure
544: 14:23:19.981 b/2e730000:
cal...@14.1.32.11: not found: svcname=shell cmd=configure
544: 14:23:19.981 b/2e730000: Writing AUTHOR/FAIL size=18