Dell FCX624-I Laptop User Manual


  Open as PDF
of 1494
 
1178 PowerConnect B-Series FCX Configuration Guide
53-1002266-01
Configuring TACACS/TACACS+ security
32
0 – Authorization is performed for commands available at the Super User level (all commands)
4 – Authorization is performed for commands available at the Port Configuration level
(port-config and read-only commands)
5 – Authorization is performed for commands available at the Read Only level (read-only
commands)
NOTE
TACACS+ command authorization can be performed only for commands entered from Telnet or SSH
sessions, or from the console. No authorization is performed for commands entered at the Web
Management Interface or Brocade Network Advisor.
TACACS+ command authorization is not performed for the following commands:
At all levels: exit, logout, end, and quit.
At the Privileged EXEC level: enable or enable <text>, where <text> is the password configured
for the Super User privilege level.
If configured, command accounting is performed for these commands.
AAA support for console commands
AAA support for commands entered at the console includes the following:
Login prompt that uses AAA authentication, using authentication-method Lists
Exec Authorization
Exec Accounting
Command authorization
Command accounting
System Accounting
To enable AAA support for commands entered at the console, enter the following command.
PowerConnect(config)#enable aaa console
Syntax: [no] enable aaa console
Configuring TACACS+ accounting
Dell PowerConnect devices support TACACS+ accounting for recording information about user
activity and system events. When you configure TACACS+ accounting on a Dell device, information
is sent to a TACACS+ accounting server when specified events occur, such as when a user logs into
the device or the system is rebooted.
Configuring TACACS+ accounting for Telnet/SSH (Shell) access
To send an Accounting Start packet to the TACACS+ accounting server when an authenticated user
establishes a Telnet or SSH session on the Dell PowerConnect device, and an Accounting Stop
packet when the user logs out.
PowerConnect(config)#aaa accounting exec default start-stop tacacs+
Syntax: aaa accounting exec default start-stop radius | tacacs+ | none