aaa-tacacs-show
Use this command to display the configuration parameters of the TACACS+ server.
Syntax aaa-tacacs-show
|
name name-string |
Name of the TACACS+ service. |
|
scope local|fabric |
The scope to apply to the TACACS+ server. |
|
server server-string |
Name of the TACACS+ server. |
|
port port-number |
The port that connects to the server. |
|
timeout timeout-number |
The number of seconds for the server to time out a request. The default value is 10 seconds. |
|
priority priority-number |
The priority for the server. |
|
authen|no-authen |
Specifies if the server authenticates clients on the network. |
|
authen-local|no-authen-local |
Specifies if the server authentication overrides the local users. |
|
authen-method pap|chap|ms-chap |
The authentication method for clients. PAP, CHAP, and MS-CHAP are supported methods. |
|
sess-acct|no-sess-acct |
Specifies if the user uses session accounting. The TACACS+ server is notified when a user logs in or out of the network. |
|
cmd-acct|no-cmd-acct |
Specifies if the user uses command accounting. The TACACS+ server is notified when ever a user, including the network administrator, runs a non-show command. |
|
acct-local|no-acct-local |
Specify accounting for local users |
|
sess-author|no-sess-author |
Specifies if the user uses session authorization. The TACACS+ server configured for session authorization determines if a user can initiate a session on the network after logging in. |
|
cmd-author|no-cmd-author |
Specifies if the user uses command authorization. The TACACS+ server determines if a user can run certain commands on the network. |
|
author-local|no-author-local |
Specify authorization for local users. |
|
timed-out yes|no |
Specifies if the server has timed out. |
|
error-start date/time:yyyy-mm-ddTHH:mm:ss |
The time of first error. |
|
num-errors num-errors-number |
The number of errors. |
|
errors-logged yes|no |
Specifies if the errors are logged or not. |
|
service service-string |
Specify the service name used for TACACS+ requests sent from NetVisor OS to the TACACS+ server for commands run at the NetVisor CLI, and the Java, C, and REST APIs. The default value is shell. |
|
service-shell service-shell-string |
Specify the service name used for TACACS+ requests sent from NetVisor OS to the TACACS+ server for commands run from a UNIX shell. |
|
service-vtysh service-vtysh-string |
Specify the service name used for TACACS+ requests sent from NetVisor OS to the TACACS+ server for commands run from vtysh. |
Defaults None.
Access CLI
History
|
Version 1.2.1 |
Command introduced. |
|
Version 2.6.0 |
The parameters acct-local, author-local, service, service-shell and service-vtysh added. |
Usage Use this command to display information about a TACACS+ server
Examples To display the information about a TACACS+ server, use the following command:
CLI (network-admin@switch) > aaa-tacacs-show
name scope server port timeout priority authen authen-local authen-method sess-acct cmd-acct acct-local sess-author cmd-author author-local service service-shell service-vtysh
---- ----- ------- ---- ------- -------- ------ ------------ ------------- --------- -------- ---------- ----------- ---------- ------------ ------- ------------- -------------
tac local server1 49 10 1 on off chap on off off on off on shell unix-shell vtysh-shell