[tac_plus] Privilege level on hp,3com,h3c switches
john heasley
heas at shrubbery.net
Wed Nov 3 02:19:17 UTC 2010
Tue, Nov 02, 2010 at 10:32:44PM +0100, Antonio Ojea:
> Hi,
>
> I have several (HP, 3com, h3) switches h3600 and routers MSR-20.
>
> I can configure the routers and the switches to authenticate against the tac_plus server, but the problem is with the user privilege level.I have configured the next statemens, and when I log in a router I have all privileges, but in the switches I have the lowest privileges.
>
> default service = permit
> service = exec {
> priv-lvl = 15
> }
>
> I think that this is a H3C issue, but can I configure the tac_plus server to get all privileges when I log in the switch?
> Is it possible to run a script to change the level automatically?
>
if i understand what you want, try clogin from rancid; www.shrubbery.net/rancid/
else, the switches might use a different AVP for setting the priv level
or might not be configured to perform authorization.
More information about the tac_plus
mailing list