On our datacenter VDX switches I am having a weird issue with AAA and user access. What we have is radius authentication to an RSA server with local-auth-fallback for now. All local accounts have the role of admin and are able to get into configure terminal mode. When logging in with a radius account I no longer have access to configure terminal mode or many other commands, but this is not the case for all radius accounts. My boss's radius account does not have this issue despite the exact same role configured on the VDX and the same settings in RSA.
My reason for believing this issue is on the switch side is that we have another set of VDXs at our DR site and my boss's radius account has the same issue getting to configure terminal mode that my account does on either device.
Also, there are no authorization commands available on our switches, the only ones listed are aaa authentication and aaa accounting, so I'm left to assume it's just the roles listed in the user account commands that control authorization.
Thanks in advance for any help provided, and please let me know if I need to provide more information or changes to my question.