5-9 config authen_login
Description
Configure a user-defined or default method list of authentication methods for user login. The
sequence of methods will effect the altercation result. For example, if the sequence is tacacs+ first,
then tacacs and local, when user trys to login, the authentication request will be sent to the first
server host in tacacs+ built-in server group. If the first server host in tacacs+ group is missing, the
authentication request will be sent to the second server host in tacacs+ group, and so on. If all
server hosts in tacacs+ group are missing, the authentication request will be sent to the first server
host in tacacs group…If all server hosts in tacacs group are missing, the local account database in
the device is used to authenticate this user. When user logins the device successfully while using
methods like tacacs/xtacacs/tacacs+/radius built-in or user-defined server groups or none, the
“user” privilege level is assigned only. If user wants to get admin privilege level, user must use the
“enable admin” command to promote his privilege level. But when local method is used, the
privilege level will depend on this account privilege level stored in the local device.
Format
config authen_login [default | method_list_name <string 15>] method {tacacs | xtacacs |
tacacs+ | radius | server_group <string 15> | local | none}
Parameters
To Next Page
Loading...
