[tac_plus] multiple groups per user
Tom Murch
tmurch at tommurch.com
Thu Mar 14 18:42:37 UTC 2013
Hello I am trying to get this working. Reading the mailing list I was under
the impression this was fixed. I am trying to have the same users admin
both juniper and hp gear.
#
# tacacs configuration file
# xxxxx -
# /etc/tac_plus.conf
# set the key
key = xxxxx
accounting file = /var/log/tac_plus.acct
#group accounts
group = admins {
## cli service for junipers
service = junos-exec
{
local-user-name = admins
allow-commands = "all"
allow-configuration = "all"
deny-commands = ""
deny-configuration = ""
}
}
group = admins2 {
default service = permit
service = exec {
priv-lvl = 15
}
}
# users accounts
user = tom {
member = admins
login = des "xxxxx"
enable = cleartext "xxxxx"
name = "Thomas Murch"
}
user = tomhp {
member = admins2
login = des "xxxxxx"
enable = cleartext "xxxx"
name = "Thomas Murch"
}
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://www.shrubbery.net/pipermail/tac_plus/attachments/20130314/2e757a13/attachment.html>
More information about the tac_plus
mailing list