<div dir="ltr">Turned out to be that the person who deployed the devices didn't have:<div><br></div><div>feature privilege</div><div><br></div><div>...in the config. Oddly enough, things worked via SSH. The problem only showed up when connecting via console. </div></div><div class="gmail_extra"><br clear="all"><div><div class="gmail_signature"><div dir="ltr"><div>--</div>John Fraizer<div>LinkedIn profile: <a href="http://www.linkedin.com/in/johnfraizer/" target="_blank">http://www.linkedin.com/in/johnfraizer/</a></div><div><br><div><span style="color:rgb(53,53,53);font-family:Arial,sans-serif;font-size:12px;line-height:12px;background-color:rgb(244,244,244)"><br></span></div></div></div></div></div>
<br><div class="gmail_quote">On Wed, Oct 7, 2015 at 10:08 AM, Daniel Schmidt <span dir="ltr"><<a href="mailto:daniel.schmidt@wyo.gov" target="_blank">daniel.schmidt@wyo.gov</a>></span> wrote:<br><blockquote class="gmail_quote" style="margin:0 0 0 .8ex;border-left:1px #ccc solid;padding-left:1ex"><div dir="ltr">Do you have aaa on the line?</div><div class="gmail_extra"><br><div class="gmail_quote"><div><div class="h5">On Tue, Oct 6, 2015 at 5:56 PM, John Fraizer <span dir="ltr"><<a href="mailto:john@op-sec.us" target="_blank">john@op-sec.us</a>></span> wrote:<br></div></div><blockquote class="gmail_quote" style="margin:0 0 0 .8ex;border-left:1px #ccc solid;padding-left:1ex"><div><div class="h5">I'm seeing strangeness with NXOS using tac_plus + doauth.<br>
<br>
If a user connects via SSH, everything works perfectly.<br>
If a user connects via the console, they can authenticate but, the NXOS<br>
apparently isn't sending the username when it requests the shell and I get<br>
this in the logs:<br>
<br>
2015-10-06 16:54:23,901 [CRITICAL]: Username not provided. Argument<br>
-u/--username is required!<br>
<br>
When I do a show priv, I get level -1 and feature privilege: Disabled.<br>
It shows the same when connected via SSH.<br>
<br>
Does anyone have any ideas about what might be causing this and how I might<br>
remedy the issue?<br>
<br>
<br>
--<br>
John Fraizer<br>
LinkedIn profile: <a href="http://www.linkedin.com/in/johnfraizer/" rel="noreferrer" target="_blank">http://www.linkedin.com/in/johnfraizer/</a><br></div></div>
-------------- next part --------------<br>
An HTML attachment was scrubbed...<br>
URL: <<a href="http://www.shrubbery.net/pipermail/tac_plus/attachments/20151006/ba1ff567/attachment.html" rel="noreferrer" target="_blank">http://www.shrubbery.net/pipermail/tac_plus/attachments/20151006/ba1ff567/attachment.html</a>><br>
_______________________________________________<br>
tac_plus mailing list<br>
<a href="mailto:tac_plus@shrubbery.net" target="_blank">tac_plus@shrubbery.net</a><br>
<a href="http://www.shrubbery.net/mailman/listinfo/tac_plus" rel="noreferrer" target="_blank">http://www.shrubbery.net/mailman/listinfo/tac_plus</a><br>
</blockquote></div><br></div>
<br>
<br>E-Mail to and from me, in connection with the transaction <br>of public business, is subject to the Wyoming Public Records <br>Act and may be disclosed to third parties.<br></blockquote></div><br></div>