[tac_plus] TACACS+ Authorization via LDAP
Sachin.6.Gupta
SG00123446 at TechMahindra.com
Thu Nov 7 03:54:04 UTC 2013
Thanks Heas for clarifying.
However, I need to the following: Authentication via LDAP (using PAM I guess) and Authorization and Accounting as it happens.
But for Authorization how would I configure Users and Groups in TACACS+ when the same would be configured in LDAP.
Is there a how to link for this? Authentication via LDAP and Authorization also?
TIA
-----Original Message-----
From: heasley [mailto:heas at shrubbery.net]
Sent: Wednesday, November 06, 2013 10:39 PM
To: Sachin.6.Gupta
Cc: heasley; tac_plus at shrubbery.net
Subject: Re: [tac_plus] TACACS+ Authorization via LDAP
Wed, Nov 06, 2013 at 12:12:22PM +0530, Sachin.6.Gupta:
> I found one link which states that Authorization via LDAP is not possible.
> http://www.shrubbery.net/pipermail/tac_plus/2009-January/000332.html
>
> Quote:
> "Currently, tac_plus only allows authentication using pam (since pam is only used for authentication anyway). Authorizations are still configured within the conf file, no ldap groups allowed :("
sorry, i misread it - there is no facility for authorization via pam (or ldap).
> Regards
>
> -----Original Message-----
> From: tac_plus-bounces at shrubbery.net [mailto:tac_plus-bounces at shrubbery.net] On Behalf Of Sachin.6.Gupta
> Sent: Wednesday, November 06, 2013 12:07 PM
> To: heasley
> Cc: tac_plus at shrubbery.net
> Subject: Re: [tac_plus] TACACS+ Authorization via LDAP
>
> Thanks. Can you please provide more details on using PAM (LDAP) for Authorization?
> Any links or mails would be helpful.
>
> -----Original Message-----
> From: heasley [mailto:heas at shrubbery.net]
> Sent: Wednesday, November 06, 2013 12:05 PM
> To: Sachin.6.Gupta
> Cc: tac_plus at shrubbery.net
> Subject: Re: [tac_plus] TACACS+ Authorization via LDAP
>
> Wed, Nov 06, 2013 at 11:02:46AM +0530, Sachin.6.Gupta:
> > Hi All,
> >
> > Is it possible to do TACACS+ Authorization via LDAP?
> > I know that Authentication can be done via LDAP, but is TACACS+ authorization also possible?
>
> yes, via PAM.
>
> ============================================================================================================================Disclaimer: This message and the information contained herein is proprietary and confidential and subject to the Tech Mahindra policy statement, you may review the policy at <a href="http://www.techmahindra.com/Disclaimer.html">http://www.techmahindra.com/Disclaimer.html</a> externally and <a href="http://tim.techmahindra.com/tim/disclaimer.html">http://tim.techmahindra.com/tim/disclaimer.html</a> internally within Tech Mahindra.============================================================================================================================
> _______________________________________________
> tac_plus mailing list
> tac_plus at shrubbery.net
> http://www.shrubbery.net/mailman/listinfo/tac_plus
>
> ============================================================================================================================Disclaimer: This message and the information contained herein is proprietary and confidential and subject to the Tech Mahindra policy statement, you may review the policy at <a href="http://www.techmahindra.com/Disclaimer.html">http://www.techmahindra.com/Disclaimer.html</a> externally and <a href="http://tim.techmahindra.com/tim/disclaimer.html">http://tim.techmahindra.com/tim/disclaimer.html</a> internally within Tech Mahindra.============================================================================================================================
============================================================================================================================Disclaimer: This message and the information contained herein is proprietary and confidential and subject to the Tech Mahindra policy statement, you may review the policy at <a href="http://www.techmahindra.com/Disclaimer.html">http://www.techmahindra.com/Disclaimer.html</a> externally and <a href="http://tim.techmahindra.com/tim/disclaimer.html">http://tim.techmahindra.com/tim/disclaimer.html</a> internally within Tech Mahindra.============================================================================================================================
More information about the tac_plus
mailing list