82 TimeCreator 1000 User’s Guide 097-93100-01 Revision C – February, 2010
Chapter 5 Provisioning
Provisioning Login Authentication
Configuring the TACACS+ Server
For the Cisco TAC_PLUS TACACS+ server, configuration requires placing the
TimeCreator 1000 user information in the file tac.cfg. For other TACACS+ servers,
see the appropriate user documentation for information on how to configure the
server. The "priv-lvl " attribute from the TACACS+ server is used by the TimeCreator
1000 to indicate the security level for each authorized user, as described in the
Table below:.
Listed below are example configurations for the file “tac.cfg” for the Cisco
TAC_PLUS TACACS+ server.
Example 1
: “Admin”-Level User
For user "usr_a" with a password of "test1a", and a secret (key) of "testing123":
#
# CONFIGURE ENCYPTION KEY
key = testing123
# Configure User
user = usr_a {
pap = cleartext test1a
opap = cleartext test1a
global = cleartext test1a
service = exec {
default attribute = permit
priv-lvl = 15
}
}
# End file
Table 5-3. Security Levels vs. RADIUS Server Class Attribute Settings
TimeCreator 1000
Security Level
TACACS+ Server
“priv-lvl” Attribute
User 1 - 4
Power-user 5 - 9
Admin 10 - 15