[tac_plus] Cisco Nexus Authorization problem
Kevin.Cruse at Instinet.com
Kevin.Cruse at Instinet.com
Wed Aug 19 15:12:55 UTC 2015
John
Are you familiar with the logging options with tacplus? I noticed there is
no 'authentication' log (i was previously using the mavvis version which
had it). Additionally, the accounting log does not have a rolling date,
meaning - I would like the log file name to have the date which changes
daily. ie - accounting.20150820, accounting.20150821, etc. Is there an
option for this? I also noticed the accounting log does not show 'failed'
logins. If i try to login to router with incorrect password it does not get
logged.
Kevin
From: John Fraizer <john at op-sec.us>
To: "Kevin.Cruse at Instinet.com" <Kevin.Cruse at instinet.com>,
Cc: Daniel Schmidt <daniel.schmidt at wyo.gov>,
"tac_plus at shrubbery.net" <tac_plus at shrubbery.net>
Date: 08/17/2015 05:45 PM
Subject: Re: [tac_plus] Cisco Nexus Authorization problem
On Mon, Aug 17, 2015 at 2:03 PM, <Kevin.Cruse at instinet.com> wrote:
Just fyi - I've configured the command "#aaa authorization
config-commands" as well, for some reason it does not show up in
configuration.
There is some interesting trivia behind that. "aaa authorization
config-commands" is the "default" behavior. BUT, if someone has issued "no
aaa authorization config-commands" on the device (which also does not show
up in the config), the behavior changes. You have to issue "aaa
authorization config-commands" to reenable the behavior.
You just have to love those hidden gems!
John
========================================================================================================= <<<< Disclaimer >>>> This message is intended solely for use by the named addressee(s). If you receive this transmission in error, please immediately notify the sender and destroy this message in its entirety, whether in electronic or hard copy format. Any unauthorized use (and reliance thereon), copying, disclosure, retention, or distribution of this transmission or the material in this transmission is forbidden. We reserve the right to monitor and archive electronic communications. This material does not constitute an offer or solicitation with respect to the purchase or sale of any security. It should not be construed to contain any recommendation regarding any security or strategy. Any views expressed are those of the individual sender, except where the message states otherwise and the sender is authorized to state them to be the views of any such entity. This communication is provided on an “as is” basis. It contains material that is owned by Instinet Incorporated, its subsidiaries or its or their licensors, and may not, in whole or in part, be (i) copied, photocopied or duplicated in any form, by any means, or (ii) redistributed, posted, published, excerpted, or quoted without Instinet Incorporated's prior written consent. Please access the following link for important information and instructions: http://instinet.com/includes/index.jsp?thePage=/html/le_index.txt Securities products and services are provided by locally registered brokerage subsidiaries of Instinet Incorporated: Instinet Australia Pty Limited (ACN: 131 253 686 AFSL No: 327834), regulated by the Australian Securities & Investments Commission; Instinet Canada Limited, member IIROC/CIPF; Instinet Pacific Limited, authorized and regulated by the Securities and Futures Commission of Hong Kong; Instinet Singapore Services Private Limited, regulated by the Monetary Authority of Singapore, trading member of The Singapore Exchange Securities Trading Private Limited and clearing member of The Central Depository (Pte) Limited; and Instinet, LLC, member SIPC.
=========================================================================================================
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://www.shrubbery.net/pipermail/tac_plus/attachments/20150819/d774cc74/attachment.html>
-------------- next part --------------
A non-text attachment was scrubbed...
Name: graycol.gif
Type: image/gif
Size: 105 bytes
Desc: not available
URL: <http://www.shrubbery.net/pipermail/tac_plus/attachments/20150819/d774cc74/attachment.gif>
More information about the tac_plus
mailing list