<div dir="ltr"><div class="gmail_extra"><br><div class="gmail_quote">On Mon, Apr 7, 2014 at 2:24 PM, Daniel Schmidt <span dir="ltr"><<a href="mailto:daniel.schmidt@wyo.gov" target="_blank">daniel.schmidt@wyo.gov</a>></span> wrote:<br>
<blockquote class="gmail_quote" style="margin:0px 0px 0px 0.8ex;border-left-width:1px;border-left-color:rgb(204,204,204);border-left-style:solid;padding-left:1ex"><div dir="ltr">I see no reason why you couldn't do it with one instance with the help of do_auth. Just need to know what pairs to send to who. </div>
</blockquote><div><br></div><div>Please let me know if I should start a new discussion thread, but I have 13 different tac_plus</div><div>instances with 267 groups and 11969 user = foo {..} entries.</div><div><br></div><div>
So any user could be on any of those groups as long as no one user in multiple groups on any</div><div>of the 13 instances.</div><div><br></div><div>I would love to see if I can consolidate all two one instance. </div><div>
<br></div><div>It will probably also help adding a user using a script to multiple groups. Currently doing</div><div>tons of awk magics to keep the {} pairs in track while adding new users on multiple instances</div><div>
into multiple groups. </div><div><br></div><div><br></div><div><br></div><blockquote class="gmail_quote" style="margin:0px 0px 0px 0.8ex;border-left-width:1px;border-left-color:rgb(204,204,204);border-left-style:solid;padding-left:1ex">
<div class=""><div class="h5"><div class="gmail_extra"><br><br><div class="gmail_quote">On Sun, Apr 6, 2014 at 1:16 PM, Asif Iqbal <span dir="ltr"><<a href="mailto:vadud3@gmail.com" target="_blank">vadud3@gmail.com</a>></span> wrote:<br>
<blockquote class="gmail_quote" style="margin:0px 0px 0px 0.8ex;border-left-width:1px;border-left-color:rgb(204,204,204);border-left-style:solid;padding-left:1ex"><div dir="ltr"><br><div class="gmail_extra"><br><br><div class="gmail_quote">
<div>On Sun, Apr 6, 2014 at 2:53 PM, Daniel Schmidt <span dir="ltr"><<a href="mailto:daniel.schmidt@wyo.gov" target="_blank">daniel.schmidt@wyo.gov</a>></span> wrote:<br>
<blockquote class="gmail_quote" style="margin:0px 0px 0px 0.8ex;border-left-width:1px;border-left-color:rgb(204,204,204);border-left-style:solid;padding-left:1ex"><br>
On a side note, while thanking Alan for his assisting while I was out, I<br>
have to also smile at a bit of irony in that the one person who was wary<br>
and wouldn't touch do_auth is now helping people with it. :-P Thanks Alan!<br></blockquote><div><br></div></div><div>Another offtopic comment, but we manage about 8 different tac_plus instances</div><div>on different IP/PORT combination. And command authorizations are different,</div>
<div>at least between cisco and juniper. We also have arista, alcatel and others.</div><div><br></div><div>I should give the do_auth a try, not sure how different command authorization</div><div>syntax can be consolidated?</div>
<div><br></div><div>Sorry about injecting offtopic conversation here.</div><span><font color="#888888"><div><br></div></font></span></div><span><font color="#888888"><div><br></div>-- <br>Asif Iqbal<br>
PGP Key: 0xE62693C5 KeyServer: <a href="http://pgp.mit.edu" target="_blank">pgp.mit.edu</a><br>A: Because it messes up the order in which people normally read text.<br>
Q: Why is top-posting such a bad thing?<br><br>
</font></span></div></div>
</blockquote></div><br></div>
</div></div><div class=""><div class="h5"><pre>E-Mail to and from me, in connection with the transaction
of public business, is subject to the Wyoming Public Records
Act and may be disclosed to third parties.
</pre></div></div></blockquote></div><br><br clear="all"><div><br></div>-- <br>Asif Iqbal<br>PGP Key: 0xE62693C5 KeyServer: <a href="http://pgp.mit.edu">pgp.mit.edu</a><br>A: Because it messes up the order in which people normally read text.<br>
Q: Why is top-posting such a bad thing?<br><br>
</div></div>