[rancid] Re: Need to know if mutiple usernames can be set in the.clogin file
Jeffrey C. Ollie
jeff at ocjtech.us
Mon Jun 25 13:02:03 UTC 2007
On Mon, 2007-06-25 at 13:16 +0530, Jayaraj, Chandrasekaran wrote:
>
> Thanks for the swift response . We do have cisco tacacs installed using
> ACS.
>
> Even when we have that there may be multiple users who will be a part of
> the authentication group who will actually have level 15 access .
>
> So say for eg we have a group called noc-users and there are 3 users
> namely user1 ,user2 ,user3 who will have privilege 15 access .
>
> So how can I check if I login as a user2 and do some change ?
>
> Currently all I get from rancid is that a diff output mail with the
> difference and no mention of the username doing the change .
RANCID cannot do what you ask. All that RANCID can do is give you a
summary of the changes made between two points in time, it cannot show
you who made those changes. It also cannot show you changes that were
made then unmade in between the times that RANCID scans your routers.
You need to enable command accounting on your router to get the kind of
information that you want:
http://www.cisco.com/en/US/customer/products/sw/iosswrel/ps1828/products_configuration_guide_chapter09186a00800ca5f1.html#xtocid183737
Jeff
-------------- next part --------------
A non-text attachment was scrubbed...
Name: not available
Type: application/pgp-signature
Size: 189 bytes
Desc: This is a digitally signed message part
Url : http://www.shrubbery.net/pipermail/rancid-discuss/attachments/20070625/9f659cc2/attachment.bin
More information about the Rancid-discuss
mailing list