[tac_plus] http command accounting

Barry Stephen (YDD08) Derwent Shared Services steve at dss.nhs.uk
Mon Apr 20 16:00:24 UTC 2009


Has anyone experienced problems with AAA command accounting via the
web-based device manager? I am talking about Catalyst switches specifically.
I am testing on a 2960 running 12.2(44)SE3.
 
I have configured the required commands but accounting is not working for
changes, e.g. an interface description change. When I log on, all the show
commands to populate the GUI are accounted but not changes.
 
I have debugged the authorization to see what is going on and the switch
implements a different method to the CLI of creating the changes and
merging them, see below. Debug for accounting did not produce anything
useful.

This also affects changes via Cisco Network Assistant.

Any ideas....?
 
01:19:24: AAA/AUTHOR (0x0): Pick method list 'telnet-ssh'
01:19:24: AAA: parse name=tty0 idb type=-1 tty=-1
01:19:24: AAA: name=tty0 flags=0x11 type=4 shelf=0 slot=0 adapter=0
port=0 channel=0
01:19:24: AAA/MEMORY: create_user (0x22C27EC) user='stephen_barry'
ruser='sbtest' ds0=0 port='tty0' rem_addr='async' authen_type=ASCII
service=NONE priv=15 initial_task_id='0', vrf= (id=0)
01:19:24: tty0 AAA/AUTHOR/CMD (490239621): Port='tty0' list='default'
service=CMD
01:19:24: AAA/AUTHOR/CMD: tty0 (490239621) user='stephen_barry'
01:19:24: tty0 AAA/AUTHOR/CMD (490239621): send AV service=shell
01:19:24: tty0 AAA/AUTHOR/CMD (490239621): send AV cmd=cluster
01:19:24: tty0 AAA/AUTHOR/CMD (490239621): send AV cmd-arg=preferences
01:19:24: tty0 AAA/AUTHOR/CMD (490239621): send AV cmd-arg=file
01:19:24: tty0 AAA/AUTHOR/CMD (490239621): send AV cmd-arg=d.cli
01:19:24: tty0 AAA/AUTHOR/CMD (490239621): send AV cmd-arg=interface
01:19:24: tty0 AAA/AUTHOR/CMD (490239621): send AV cmd-arg=Fa0/23
description
01:19:24: tty0 AAA/AUTHOR/CMD (490239621): send AV cmd-arg=THIS
01:19:24: tty0 AAA/AUTHOR/CMD (490239621): send AV cmd-arg=IS
01:19:24: tty0 AAA/AUTHOR/CMD (490239621): send AV cmd-arg=A
01:19:24: tty0 AAA/AUTHOR/CMD (490239621): send AV cmd-arg=TEST
!
end

01:19:24: tty0 AAA/AUTHOR/CMD (490239621): send AV cmd-arg=<cr>
01:19:24: tty0 AAA/AUTHOR/CMD (490239621): found list "default"
01:19:24: tty0 AAA/AUTHOR/CMD (490239621): Method=dhis-auth (tacacs+)
01:19:24: AAA/AUTHOR/TAC+: (490239621): user=stephen_barry
01:19:24: AAA/AUTHOR/TAC+: (490239621): send AV service=shell
01:19:24: AAA/AUTHOR/TAC+: (490239621): send AV cmd=cluster
01:19:24: AAA/AUTHOR/TAC+: (490239621): send AV cmd-arg=preferences
01:19:24: AAA/AUTHOR/TAC+: (490239621): send AV cmd-arg=file
01:19:24: AAA/AUTHOR/TAC+: (490239621): send AV cmd-arg=d.cli
01:19:24: AAA/AUTHOR/TAC+: (490239621): send AV cmd-arg=interface
01:19:24: AAA/AUTHOR/TAC+: (490239621): send AV cmd-arg=Fa0/23
description
01:19:24: AAA/AUTHOR/TAC+: (490239621): send AV cmd-arg=THIS
01:19:24: AAA/AUTHOR/TAC+: (490239621): send AV cmd-arg=IS
01:19:24: AAA/AUTHOR/TAC+: (490239621): send AV cmd-arg=A
01:19:24: AAA/AUTHOR/TAC+: (490239621): send AV cmd-arg=TEST
!
end

01:19:24: AAA/AUTHOR/TAC+: (490239621): send AV cmd-arg=<cr>
01:19:24: AAA/AUTHOR (490239621): Post authorization status = PASS_ADD
01:19:24: AAA/MEMORY: free_user (0x22C27EC) user='stephen_barry'
ruser='sbtest' port='tty0' rem_addr='async' authen_type=ASCII
service=NONE priv=15
01:19:24: AAA: parse name=tty0 idb type=-1 tty=-1
01:19:24: AAA: name=tty0 flags=0x11 type=4 shelf=0 slot=0 adapter=0
port=0 channel=0
01:19:24: AAA/MEMORY: create_user (0x22D5A58) user='stephen_barry'
ruser='sbtest' ds0=0 port='tty0' rem_addr='async' authen_type=ASCII
service=NONE priv=15 initial_task_id='0', vrf= (id=0)
01:19:24: tty0 AAA/AUTHOR/CMD (2671731899): Port='tty0' list='default'
service=CMD
01:19:24: AAA/AUTHOR/CMD: tty0 (2671731899) user='stephen_barry'
01:19:24: tty0 AAA/AUTHOR/CMD (2671731899): send AV service=shell
01:19:24: tty0 AAA/AUTHOR/CMD (2671731899): send AV cmd=copy
01:19:24: tty0 AAA/AUTHOR/CMD (2671731899): send AV cmd-arg=d.cli
01:19:24: tty0 AAA/AUTHOR/CMD (2671731899): send AV
cmd-arg=running-config
01:19:24: tty0 AAA/AUTHOR/CMD (2671731899): send AV cmd-arg=<cr>
01:19:24: tty0 AAA/AUTHOR/CMD (2671731899): found list "default"
01:19:24: tty0 AAA/AUTHOR/CMD (2671731899): Method=dhis-auth (tacacs+)
01:19:24: AAA/AUTHOR/TAC+: (2671731899): user=stephen_barry
01:19:24: AAA/AUTHOR/TAC+: (2671731899): send AV service=shell
01:19:24: AAA/AUTHOR/TAC+: (2671731899): send AV cmd=copy
01:19:24: AAA/AUTHOR/TAC+: (2671731899): send AV cmd-arg=d.cli
01:19:24: AAA/AUTHOR/TAC+: (2671731899): send AV cmd-arg=running-config
01:19:24: AAA/AUTHOR/TAC+: (2671731899): send AV cmd-arg=<cr>
01:19:25: AAA/AUTHOR (2671731899): Post authorization status = PASS_ADD
01:19:25: AAA/MEMORY: free_user (0x22D5A58) user='stephen_barry'
ruser='sbtest' port='tty0' rem_addr='async' authen_type=ASCII
service=NONE priv=15
01:19:25: AAA: parse name=tty0 idb type=-1 tty=-1
01:19:25: AAA: name=tty0 flags=0x11 type=4 shelf=0 slot=0 adapter=0
port=0 channel=0
01:19:25: AAA/MEMORY: create_user (0x22B96E8) user='stephen_barry'
ruser='sbtest' ds0=0 port='tty0' rem_addr='async' authen_type=ASCII
service=NONE priv=15 initial_task_id='0', vrf= (id=0)
01:19:25: tty0 AAA/AUTHOR/CMD (469821217): Port='tty0' list='default'
service=CMD
01:19:25: AAA/AUTHOR/CMD: tty0 (469821217) user='stephen_barry'
01:19:25: tty0 AAA/AUTHOR/CMD (469821217): send AV service=shell
01:19:25: tty0 AAA/AUTHOR/CMD (469821217): send AV cmd=delete
01:19:25: tty0 AAA/AUTHOR/CMD (469821217): send AV cmd-arg=/force
01:19:25: tty0 AAA/AUTHOR/CMD (469821217): send AV cmd-arg=d.cli
01:19:25: tty0 AAA/AUTHOR/CMD (469821217): send AV cmd-arg=<cr>
01:19:25: tty0 AAA/AUTHOR/CMD (469821217): found list "default"
01:19:25: tty0 AAA/AUTHOR/CMD (469821217): Method=dhis-auth (tacacs+)
01:19:25: AAA/AUTHOR/TAC+: (469821217): user=stephen_barry
01:19:25: AAA/AUTHOR/TAC+: (469821217): send AV service=shell
01:19:25: AAA/AUTHOR/TAC+: (469821217): send AV cmd=delete
01:19:25: AAA/AUTHOR/TAC+: (469821217): send AV cmd-arg=/force
01:19:25: AAA/AUTHOR/TAC+: (469821217): send AV cmd-arg=d.cli
01:19:25: AAA/AUTHOR/TAC+: (469821217): send AV cmd-arg=<cr>
01:19:25: AAA/AUTHOR (469821217): Post authorization status = PASS_ADD
01:19:25: AAA/MEMORY: free_user (0x22B96E8) user='stephen_barry'
ruser='sbtest' port='tty0' rem_addr='async' authen_type=ASCII
service=NONE priv=15
01:19:25: AAA: parse name=tty0 idb type=-1 tty=-1
01:19:25: AAA: name=tty0 flags=0x11 type=4 shelf=0 slot=0 adapter=0
port=0 channel=0
01:19:25: AAA/MEMORY: create_user (0x2272ED0) user='stephen_barry'
ruser='sbtest' ds0=0 port='tty0' rem_addr='async' authen_type=ASCII
service=NONE priv=15 initial_task_id='0', vrf= (id=0)

 
Stephen Barry
Senior IT Service Designer  |  IT Operations  |  Derbyshire Health
Informatics Service  |  Derwent Shared Services
t: 01332 622444  |  m: 07919 173353  |  f: 01332 222256  |  e: steve at dss.nhs.uk
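
Added example, not part of the original post and not tac_plus or Cisco code: the debug output above shows the changed configuration text carried as cmd-arg values of a "cluster preferences file d.cli" authorization request, followed by "copy d.cli running-config". The sketch below recovers that text from AAA/AUTHOR/TAC+ debug lines so it can be compared with the accounting log. The function names, the sample user "alice" and the request ids 111 and 222 are constructed for illustration, and rejoining the arguments with spaces is an assumption.

```python
import re

# Constructed sample in the format of the AAA/AUTHOR/TAC+ debug lines in the post.
SAMPLE = """\
01:19:24: AAA/AUTHOR/TAC+: (111): user=alice
01:19:24: AAA/AUTHOR/TAC+: (111): send AV cmd=cluster
01:19:24: AAA/AUTHOR/TAC+: (111): send AV cmd-arg=preferences
01:19:24: AAA/AUTHOR/TAC+: (111): send AV cmd-arg=file
01:19:24: AAA/AUTHOR/TAC+: (111): send AV cmd-arg=d.cli
01:19:24: AAA/AUTHOR/TAC+: (111): send AV cmd-arg=interface
01:19:24: AAA/AUTHOR/TAC+: (111): send AV cmd-arg=Fa0/23
description
01:19:24: AAA/AUTHOR/TAC+: (111): send AV cmd-arg=TEST
!
end
01:19:24: AAA/AUTHOR/TAC+: (111): send AV cmd-arg=<cr>
01:19:24: AAA/AUTHOR/TAC+: (222): send AV cmd=copy
01:19:24: AAA/AUTHOR/TAC+: (222): send AV cmd-arg=d.cli
01:19:24: AAA/AUTHOR/TAC+: (222): send AV cmd-arg=running-config
01:19:24: AAA/AUTHOR/TAC+: (222): send AV cmd-arg=<cr>
"""
# Matches any timestamped line; groups are set only for AAA/AUTHOR/TAC+ attributes.
LINE = re.compile(r"^\d\d:\d\d:\d\d: (?:AAA/AUTHOR/TAC\+: \((\d+)\): (?:send AV )?([\w-]+)=(.*))?")

def parse_requests(text):
    """Group attribute values by request id; untimestamped lines continue a value."""
    reqs, last = {}, None
    for line in text.splitlines():
        m = LINE.match(line)
        if m and m.group(1):
            rid, key, val = m.groups()
            last = reqs.setdefault(rid, {}).setdefault(key, [])
            last.append(val)
        elif m:
            last = None  # unrelated debug line ends any multi-line value
        elif last:
            last[-1] += "\n" + line
    return reqs

def staged_changes(reqs):
    """Pair 'cluster preferences file F <text>' with a later 'copy F running-config'."""
    staged, found = {}, []
    for r in reqs.values():
        cmd, user = r.get("cmd", [""])[0], r.get("user", ["?"])[0]
        a = [x for x in r.get("cmd-arg", []) if x != "<cr>"]
        if cmd == "cluster" and a[:2] == ["preferences", "file"] and len(a) > 2:
            staged[a[2]] = (user, " ".join(a[3:]).strip())  # assumes space-split args
        elif cmd == "copy" and a[1:] == ["running-config"] and a[0] in staged:
            found.append({"file": a[0], "user": staged[a[0]][0], "config": staged[a[0]][1]})
    return found
```

Each entry returned by staged_changes(parse_requests(log_text)) is a configuration change that was authorized and merged; one with no matching accounting record is the gap described in the post.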
