aaa-tacacs-modify
This command is used to modify a TACACS+ server configuration on the network.
Syntax aaa-tacacs-modify
|
name name-string |
Specify the name for TACACS+ configuration. (up to 60 characters) |
|
Specify one or more of the following options to modify: |
|
|
scope fabric|local |
Specify the scope of TACACS+ configuration. |
|
server server-string |
Specify the TACACS+ server name. (up to 60 characters) |
|
port port-number |
Specify the TCACAS+ communication port. The default port is 49. |
|
secret secret-string |
Specify the shared secret (password) for TACACS+. |
|
timeout timeout-number |
Specify the number of seconds before communication times out. The default value is 10 seconds. |
|
priority priority-number |
Specify the priority for TACACS+. |
|
authen|no-authen |
Specify to enable or disable the authentication. |
|
authen-local|no-authen-local |
Specify if the authentication overrides local users. The no-authen-local parameter overrides local users, and gives them access while authen-local prevents local users from logging in. |
|
authen-method pap|chap|ms-chap |
Specify one among the authentication methods: PAP, CHAP and MS-CHAP. Note: Pluribus does not support MS-CHAP authentication method. |
|
sess-acct|no-sess-acct |
Specify to enable or disable session accounting. |
|
cmd-acct|no-cmd-acct |
Specify to enable or disable command accounting. |
|
acct-local|no-acct-local |
Specify to enable or disable accounting for local users. |
|
sess-author|no-sess-author |
Specify to enable or disable session authorization. |
|
cmd-author|no-cmd-author |
Specify to enable or disable command authorization. |
|
author-local|no-author-local |
Specify to enable or disable authorization for local users. |
|
service service-string |
Specify the service name used for TACACS+ requests sent from NetVisor OS to the TACACS+ server for commands run at the NetVisor CLI, and REST APIs. The default service is shell. |
|
service-shell service-shell-string |
Specify the TACACS+ service name string for shell commands. |
|
service-vtysh service-vtysh-string |
Specify the TACACS+ service name string for vtysh commands. |
Defaults None.
Access CLI
History
|
Version 1.2.1 |
Command introduced. |
|
Version 2.6.0 |
The parameters acct-local, author-local, service, service-shell, and service-vtysh added. |
Usage Use this command to modify a TACACS+ server authenticate, and authorize clients on the network. The TACACS+ can also provide accounting for sessions, and commands.
Examples To modify the TACACS+ configuration, TACserver1, and change the secret password, to m0nk3ys, use the following command:
CLI (network-admin@switch) > aaa-tacacs-modify name TACserver1 secret @m0nk3ys