Table of Contents
Advertisement
Note -
when upgrading from the 1.1.0.x release (see CR 7022286). The syslog server setting must be
reconfigured after the upgrade or restore.
Configuring TACACS+
These topics describe how to configure TACACS+:
"TACACS+ Properties" on page 29
■
"Configure TACACS+ Settings" on page 30
■
TACACS+ Properties
CLI Property
address [tacacs+_server_IP_address]
Defaultrole [a|u|o|c|r|s|
Administrator|Operator]
fs_privilege [1|15]
port [port_number]
protocol
service
secret [tacacs+_secret]
state [enabled|disabled]
†
In the TACACS+ server, the combination of ppp and ip can be configured to send additional fields in packet data. For Oracle ILOM clients this is used to send
Oracle ILOM-specific fields like sefos-fs-privilege and ilom-role.
If a syslog server address was configured in Oracle ILOM, the address is not retained
Default Value
0.0.0.0
Operator
1
49
ip
ppp
[none]
Disabled
Sun Blade 6000 Ethernet Switched NEM 24p 10GbE Release 1.2.2 Product Notes
Description
Specifies the IP address or DNS name of the TACACS+ server. If you use
DNS, ensure that DNS is configured and functional.
Specifies the access role that is granted to all authenticated TACACS+
users.
This property supports the following legacy roles:
■ Administrator
■ Operator
■ Any individual role ID combinations where a = Admin, u = User
Management, o = Operator, c = Console, r = Reset and Host Control,
and s = Service.
Specifies the fs_privilege that is used for TACACS+ authenticated users
to access and control SEFOS.
Specifies the port number used to communicate with the TACACS+ server.
protocol identifies the TACACS+ protocol type. service identifies the
TACACS+ service type. (see footnote)
Specifies the shared secret that is used to protect sensitive data and to
ensure that the client and server recognize each other.
Specifies whether the TACACS+ client is enabled or disabled.
Configuring TACACS+
†
29
Advertisement
Table of Contents
