set tacacs session
Enterasys C3 Configuration Guide 36-7
set tacacs session
Use this command to enable or disable TACACS+ session accounting, or to configure TACACS+
session authorization parameters. For simplicity, separate syntax formats are shown for
configuring session accounting and session authorization.
Syntax
set tacacs session accounting {enable | disable}
set tacacs session authorization {service name | read-only attribute value |
read-write attribute value | super-user attribute value}
Parameters
Defaults
None.
Mode
Switch command, Read-Write.
Usage
When session accounting is enabled, the TACACS+ server will log accounting information, such as
start and stop times, IP address of the client, and so forth, for each authorized client session.
When the TACACS+ client is enabled on the switch (with the set tacacs enable command), the
session authorization parameters configured with this command are sent by the client to the
TACACS+ server when a session is initiated on the switch. The parameter values must match a
service and access level attribute-value pairs configured on the server for the session to be
authorized. If the parameter values do not match, the session will not be allowed.
accounting Specifies that TACACS+ session accounting is being configured.
enable | disable Enables or disables TACACS+ session accounting.
authorization Specifies that TACACS+ session authorization is being configured.
service name Specifies the name of the service that the TACACS+ client will request
from the TACACS+ server. The name specified here must match the
name of a service configured on the server. The default service name is
exec.
read-only attribute
value
Specifies that the read-only access privilege level should be matched to
a privilege level configured on the TACACS+ server by means of an
attribute-value pair specified by attribute and value.
By default, attribute is “priv-lvl” and value is 0.
read-write attribute
value
Specifies that the read-write access privilege level should be matched to
a privilege level configured on the TACACS+ server by means of an
attribute-value pair specified by attribute and value.
By default, attribute is “priv-lvl” and value is 1.
super-user attribute
value
Specifies that the super-user access privilege level should be matched to
a privilege level configured on the TACACS+ server by means of an
attribute-value pair specified by attribute and value.
By default, attribute is “priv-lvl” and value is 15.
To Next Page
Loading...
Need help?
General