Enterasys b5

To Next Page

To Previous Page

set tacacs session

Enterasys B5 CLI Reference 23-7

set tacacs session

UsethiscommandtoenableordisableTACACS+sessionaccounting,ortoconfigureTACACS+

sessionauthorizationparameters.Forsimplicity,separatesyntaxformatsareshownfor

configuringsessionaccountingandsessionauthorization.

Syntax

set tacacs session accounting {enable | disable}

set tacacs session authorization {service name | read-only attribute value |

read-write attribute value | super-user attribute value}

Parameters

Defaults

None.

Mode

Switchcommand,Read‐Write.

Usage

Whensessionaccountingisenabled,theTACACS+serverwilllogaccountinginformation,suchas

startandstoptimes,IPaddressoftheclient,andsoforth,foreachauthorizedclientsession.

WhentheTACACS+clientisenabledontheswitch(withthesettacacsenablecommand),the

sessionauthorizationparametersconfigured

withthiscommandaresentbytheclienttothe

TACACS+serverwhenasessionisinitiatedontheswitch.Theparametervaluesmust matcha

serviceandaccesslevelattribute‐valuepairsconfiguredontheserverforthesessiontobe

authorized.Iftheparametervaluesdonotmatch,the

sessionwillnotbeallowed.

accounting SpecifiesthatTACACS+sessionaccountingisbeingconfigured.

enable|disable EnablesordisablesTACACS+sessionaccounting.

authorization SpecifiesthatTACACS+sessionauthorizationisbeingconfigured.

servicename SpecifiesthenameoftheservicethattheTACACS+clientwillrequest

fromtheTACACS+server.Thenamespecifiedhere

mustmatchthe

nameofaserviceconfiguredontheserver.Thedefaultservicenameis

exec.

read‐onlyattribute

value

Specifiesthattheread‐onlyaccessprivilegelevelshouldbematchedto

aprivilegelevelconfiguredontheTACACS+serverbymeansofan

attribute‐valuepairspecifiedbyattribute

andvalue.

Bydefault,attributeis“priv‐lvl”andvalueis0.

read‐writeattribute

value

Specifiesthattheread‐writeaccessprivilegelevelshouldbematchedto

aprivilegelevelconfiguredontheTACACS+serverbymeansofan

attribute‐valuepairspecifiedbyattributeandvalue.

Bydefault,attributeis

“priv‐lvl”andvalueis1.

super‐userattribute

value

Specifiesthatthesuper‐useraccessprivilegelevelshouldbematchedto

aprivilegelevelconfiguredontheTACACS+serverbymeansofan

attribute‐valuepairspecifiedbyattributeandvalue.

Bydefault,attributeis“priv‐lvl”andvalueis

15.

Main Page

Table of Contents