Chapter 8
| Authentication Commands
AAA
aaa group server
Command Mode
Global Configuration
Command Usage
◆
This command performs authorization to determine if a user is allowed to run
an Exec shell for local console, Telnet, or SSH connections.
◆
AAA authentication must be enabled before authorization is enabled.
◆
If this command is issued without a specified named method, the default
method list is applied to all interfaces or lines (where this authorization type
applies), except those that have a named method explicitly defined.
Example
Console(config)#aaa authorization exec default group tacacs+
Console(config)#
Use this command to name a group of security server hosts. To remove a server
group from the configuration list, enter the no form of this command.
Syntax
[no] aaa group server {radius | tacacs+} group-name
radius - Defines a RADIUS server group.
tacacs+ - Defines a TACACS+ server group.
group-name - A text string that names a security server group.
(Range: 1-64 characters)
Default Setting
None
Command Mode
Global Configuration
Example
Console(config)#aaa group server radius tps
Console(config-sg-radius)#
– 220 –