Dell Force10 Z9000 Configuration Manual page 629
Hide thumbs
Also See for Force10 Z9000:
- Reference manual (1483 pages) ,
- Configuration manual (984 pages) ,
- Manual (56 pages)
Table of Contents
Advertisement
– suppress: Do not generate accounting records for a specific type of user.
– default | name: enter the name of a list of accounting methods.
– start-stop: use for more accounting information, to send a start-accounting notice at the beginning of the requested
event and a stop-accounting notice at the end.
– wait-start: ensures that the TACACS+ security server acknowledges the start notice before granting the user's process
request.
– stop-only: use for minimal accounting; instructs the TACACS+ server to send a stop record accounting notice at the end
of the requested user process.
– tacacs+: designate the security service. Currently, Dell Networking OS supports only TACACS+.
Suppressing AAA Accounting for Null Username Sessions
When you activate AAA accounting, the Dell Networking OS software issues accounting records for all users on the system,
including users whose username string is NULL because of protocol translation.
An example of this is a user who comes in on a line where the AAA authentication login method-list none command is
applied. To prevent accounting records from being generated for sessions that do not have usernames associated with them, use the
following command.
•
Prevent accounting records from being generated for users whose username string is NULL.
CONFIGURATION mode
aaa accounting suppress null-username
Configuring Accounting of EXEC and Privilege-Level Command Usage
The network access server monitors the accounting functions defined in the TACACS+ attribute/value (AV) pairs.
•
Configure AAA accounting to monitor accounting functions defined in TACACS+.
CONFIGURATION mode
aaa accounting system default start-stop tacacs+
aaa accounting command 15 default start-stop tacacs+
System accounting can use only the default method list.
Example of Configuring AAA Accounting to Track EXEC and EXEC Privilege Level Command Use
In the following sample configuration, AAA accounting is set to track all usage of EXEC commands and commands on privilege level
15.
Dell(conf)#aaa accounting exec default start-stop tacacs+
Dell(conf)#aaa accounting command 15 default start-stop tacacs+
Configuring AAA Accounting for Terminal Lines
To enable AAA accounting with a named method list for a specific terminal line (where com15 and execAcct are the method list
names), use the following commands.
•
Configure AAA accounting for terminal lines.
CONFIG-LINE-VTY mode
accounting commands 15 com15
accounting exec execAcct
Example of Enabling AAA Accounting with a Named Method List
Dell(config-line-vty)# accounting commands 15 com15
Dell(config-line-vty)# accounting exec execAcct
629
Security
Advertisement
Table of Contents
Troubleshooting
