[tac_plus] Info - Tacacs +
john heasley
heas at shrubbery.net
Tue Jan 25 01:03:16 UTC 2011
Mon, Jan 24, 2011 at 03:47:34PM -0800, charanjit singh:
> Hi Team,
>
>
>
> I am working as a Network Admin for a company. We are currently setting up a new Tacacs+ solution for AAA on our devices.
>
>
>
> I have a query --
>
>
>
> We are running the Tacacs+ daemon on a Unix machine. The authentication
> is working fine on Cisco devices. Now i have added another group for WAN
> Accelerators , its just a Monitoring group
>
>
>
> Is it possible that a user can be a member of Cisco Admin group and WAN Accelerator Monitoring group
>
no, essentially only one group. a patch was offered to add this and its
being worked to import it into the tree with a rewrite of the configuration
parser. search the maillist for the patch from Gabor.
>
> As per my checks a user can belong to just one group in Tacacs+.
>
>
>
> Can i work towards a solution for my requirement by doing Nested Groups.
>
>
>
> Is it possible that i create a Composite Group and then add both the Admin and WAN Accelerator groups in it as Member Groups. Do you have a sample configuration >
>
>
>
> I tried it but i was unable to compile / save the Configuration file
>
>
>
> Any help would be appreciated.
>
>
>
> Regards,
>
> Charanjit Jassar
>
>
>
> -------------- next part --------------
> An HTML attachment was scrubbed...
> URL: <http://www.shrubbery.net/pipermail/tac_plus/attachments/20110124/1fa39062/attachment.html>
> _______________________________________________
> tac_plus mailing list
> tac_plus at shrubbery.net
> http://www.shrubbery.net/mailman/listinfo.cgi/tac_plus
More information about the tac_plus
mailing list