Configuring Tacacs - Cisco 500 Series Administration Manual

Security

Configuring TACACS+

STEP 4
STEP 5
NOTE
Configuring TACACS+
Cisco 500 Series Stackable Managed Switch Administration Guide
• Do not repeat or reverse the manufacturers name or any variant reached by
changing the case of the characters.
If the Password Complexity Settings are enabled, the following parameters may
be configured:
• Minimal Password Length—Enter the minimal number of characters
required for passwords.
A zero-length password (no password) is allowed, and can still have
NOTE
password aging assigned to it.
• Allowed Character Repetition—Enter the number of times that a character
can be repeated.
• Minimal Number of Character Classes—Enter the number of character
classes which must be present in a password. Character classes are lower
case (1), upper case (2), digits (3), and symbols or special characters (4).
• The New Password Must Be Different than the Current One—If selected,
the new password cannot be the same as the current password upon a
password change.
Click Apply. The password settings are written to the Running Configuration file.
Configuring the username-password equivalence, and manufacturer-password
equivalence may be done through the CLI. See the CLI Reference Guide for further
instruction.
An organization can establish a Terminal Access Controller Access Control
System (TACACS+) server to provide centralized security for all of its devices. In
this way, authentication and authorization can be handled on a single server for all
devices in the organization.
The device can act as a TACACS+ client that uses the TACACS+ server for the
following services:
• Authentication—Provides authentication of users logging onto the device
by using usernames and user-defined passwords.
21
432