Dell PowerConnect B-RX Configuration Manual page 167
Bigiron rx series supporting multi-service ironware v02.7.03
Hide thumbs
Also See for PowerConnect B-RX:
- Configuration manual (1458 pages) ,
- Getting started manual (32 pages) ,
- Installation manual (240 pages)
Table of Contents
Advertisement
service = exec {
}
In this example, the A-V pair
value in the foundry-privlvl A-V pair is an integer that indicates the privilege level of the user.
Possible values are 0 for super-user level, 4 for port-config level, or 5 for read-only level. If a value
other than 0, 4, or 5 is specified in the foundry-privlvl A-V pair, the default privilege level of 5
(read-only) is used. The foundry-privlvl A-V pair can also be embedded in the group configuration for
the user. Refer to your TACACS+ documentation for the configuration syntax relevant to your server.
If the foundry-privlvl A-V pair is not present, the BigIron RX extracts the last A-V pair configured for
the Exec service that has a numeric value. The BigIron RX uses this A-V pair to determine the user's
privilege level.
user=bob {
default service = permit
member admin
# Global password
global = cleartext "cat"
service = exec {
}
The attribute name in the A-V pair is not significant; the BigIron RX uses the last one that has a
numeric value. However, the BigIron RX interprets the value for a non-"foundry-privlvl" A-V pair
differently than it does for a "foundry-privlvl" A-V pair. The following table lists how the BigIron RX
associates a value from a non-"foundry-privlvl" A-V pair with a Brocade privilege level.
TABLE 36
Value for non-"foundry-privlvl" A-V pair
15
From 14 – 1
Any other number or 0
In the example above, the A-V pair configured for the Exec service is
uses the value in this A-V pair to set the user's privilege level to 0 (super-user), granting the user full
read-write access.
In a configuration that has both a "foundry-privlvl" A-V pair and a non-"foundry-privlvl" A-V pair for
the Exec service, the non-"foundry-privlvl" A-V pair is ignored.
user=bob {
default service = permit
member admin
# Global password
global = cleartext "cat"
service = exec {
}
In this example, the user would be granted a privilege level of 4 (port-config level). The
A-V pair is ignored by the BigIron RX.
15
BigIron RX Series Configuration Guide
53-1001986-01
foundry-privlvl = 0
}
foundry-privlvl = 0
privlvl = 15
}
Brocade equivalents for non-"foundry-privlvl" A-V pair values
foundry-privlvl = 4
privlvl = 15
}
Configuring TACACS and TACACS+ security
grants the user full read-write access. The
Brocade privilege level
0 (super-user)
4 (port-config)
5 (read-only)
privlvl = 15
4
. The BigIron RX
privlvl =
95
Advertisement
Chapters
Table of Contents
