EasyManua.ls Logo

Digi Connect IT 4

Digi Connect IT 4
964 pages
To Next Page IconTo Next Page
To Next Page IconTo Next Page
To Previous Page IconTo Previous Page
To Previous Page IconTo Previous Page
Loading...
User authentication Terminal Access Controller Access-Control System Plus (TACACS+)
Digi Connect IT® 4 User Guide
684
3. (Optional) Prevent other authentication methods from being used if TACACS+ authentication
fails. Other authentication methods will only be used if the TACACS+ server is unavailable.
(config)> auth tacacs+ authoritative true
(config)>
4. (Optional) Configure the group_attribute. This is the name of the attribute used in the
TACACS+ server's configuration to identify the Connect IT 4 authentication group or groups
that the user is a member of. For example, in TACACS+ user configuration, the group attribute
in the sample tac_plus.conf file is groupname, which is also the default setting for the group_
attribute in the Connect IT 4 configuration.
(config)> auth tacacs+ group_attribute attribute-name
(config)>
5. (Optional) Configure the type of service. This is the value of the service attribute in the the
TACACS+ server's configuration. For example, in TACACS+ user configuration, the value of the
service attribute in the sample tac_plus.conf file is system, which is also the default setting in
the Connect IT 4 configuration.
(config)> auth tacacs+ service service-name
(config)>
6. (Optional) Enable command authorization, which instructs the device to communicate with the
TACACS+ server to determine if the user is authorized to execute a specific command. Only the
first configured TACACS+ server will be used for command authorization.
(config)> auth tacacs+ command_authorization true
(config)>
7. (Optional) Enable command accounting, which instructs the device to communicate with the
TACACS+ server to log commands that the user executes. Only the first configured TACACS+
server will be used for command accounting.
(config)> auth tacacs+ command_accounting true
(config)>
8. Add a TACACS+ server:
a. Add the server:
(config)> add auth tacacs+ server end
(config auth tacacs+ server 0)>
b. Enter the TACACS+ server's IP address or hostname:
(config auth tacacs+ server 0)> hostname hostname|ip-address
(config auth tacacs+ server 0)>
c. (Optional) Change the default port setting to the appropriate port:
(config auth tacacs+ server 0)> port port
(config auth tacacs+ server 0)>

Table of Contents

Related product manuals