[tac_plus] authorization venor-specific attribute

Alan McKinnon alan.mckinnon at gmail.com
Wed Aug 29 16:03:48 UTC 2012 

On Wed, 29 Aug 2012 12:29:09 +0000
Nikolai Sednev <nikolais at mellanox.com> wrote:

> Hi,
> How can I configure vendor-specific attribute for authorization as
> admin or monitor in the configuration file of TACACS+ server?

Here's an example:

        service = exec {
                optional task = "rwx:*,#root-system,#cisco-support"
                idletime = 30
                timeout = 720
#               shell:roles="priv-15"
        }



The tarball comes with an FAQ that covers this topic in some detail.
Have you read it?





> 
> 
> 
> Best regards, Nikolai
> --------------------------------------------------------------------------------------------
> Nikolai Sednev
> QA Engineer, QnR
> Extension:     9176
> Cell:            +972 52 734 2734
> Email: nikolais at mellanox.com<mailto:nikolais at mellanox.com>
> [Description:
> http://www.mellanox.com/img/news/media_kit/logo/Mellanox_logo.gif]
> Mellanox  Technologies http://www.mellanox.com/
> --------------------------------------------------------------------------------------------
> 
> -------------- next part --------------
> An HTML attachment was scrubbed...
> URL:
> <http://www.shrubbery.net/pipermail/tac_plus/attachments/20120829/06fa431b/attachment.html>
> -------------- next part -------------- A non-text attachment was
> scrubbed... Name: image001.jpg
> Type: image/jpeg
> Size: 2777 bytes
> Desc: image001.jpg
> URL:
> <http://www.shrubbery.net/pipermail/tac_plus/attachments/20120829/06fa431b/attachment.jpg>
> _______________________________________________ tac_plus mailing list
> tac_plus at shrubbery.net
> http://www.shrubbery.net/mailman/listinfo.cgi/tac_plus



-- 
Alan McKinnon
alan.mckinnon at gmail.com

More information about the tac_plus mailing list