[rancid] Re: Need to know if mutiple usernames can be setin the.clogin file

[Todd Heide]

Setup a Tacacs+ server on the Rancid box. The one I use which has a nice
front end is found here, http://www.networkforums.net Once installed and
working it is easy to check the logs to see what has been done and by
whom. 

Thanks
Todd Heide
Equivoice Inc.

CCNA CWLSS CS-CISecS
847-235-3308
 
Nothing ever goes as planned, Its a hell of a notion, 
Even pharaohs turn to sand, Like a drop in the ocean
-----Original Message-----
From: rancid-discuss-bounces at shrubbery.net
[mailto:rancid-discuss-bounces at shrubbery.net] On Behalf Of Jeffrey C.
Ollie
Sent: Monday, June 25, 2007 8:02 AM
To: rancid-discuss at shrubbery.net
Subject: [rancid] Re: Need to know if mutiple usernames can be setin
the.clogin file

On Mon, 2007-06-25 at 13:16 +0530, Jayaraj, Chandrasekaran wrote:
>
> Thanks for the swift response . We do have cisco tacacs installed
using
> ACS.
> 
> Even when we have that there may be multiple users who will be a part
of
> the authentication group who will actually have level 15 access . 
> 
> So say for eg we have a group called noc-users and there are 3 users
> namely user1 ,user2 ,user3 who will have privilege 15 access . 
>
> So how can I check if I login as a user2 and do some change ? 
> 
> Currently all I get from rancid is that a diff output mail with the
> difference and no mention of the username doing the change .

RANCID cannot do what you ask.  All that RANCID can do is give you a
summary of the changes made between two points in time, it cannot show
you who made those changes.  It also cannot show you changes that were
made then unmade in between the times that RANCID scans your routers.

You need to enable command accounting on your router to get the kind of
information that you want:

http://www.cisco.com/en/US/customer/products/sw/iosswrel/ps1828/products
_configuration_guide_chapter09186a00800ca5f1.html#xtocid183737

Jeff