Table of Contents
Advertisement
User authentication
(config)> auth ldap base_dn value
(config)>
11. (Optional) Set the name of the user attribute that contains the list of Connect IT Mini
authentication groups that the authenticated user has access to. See
for further information about the group attribute.
(config)> auth ldap group_attribute value
(config)>
For example:
(config)> auth ldap group_attribute ou
(config)>
12. Configure the amount of time in seconds to wait for the TACACS+ server to respond.
(config)> auth ldap timeout value
(config)>
where value is any integer from 3 to 60. The default value is 3.
13. Add an TACACS+ server:
a. Add the server:
(config)> add auth tacacs+ server end
(config auth tacacs+ server 0)>
b. Enter the TACACS+ server's IP address or hostname:
(config auth tacacs+ server 0)> hostname hostname|ip-address
(config auth tacacs+ server 0)>
c. (Optional) Change the default port setting to the appropriate port:
(config auth tacacs+ server 0)> port port
(config auth tacacs+ server 0)>
d. Enter the TACACS+ server's shared secret. This is configured in the key parameter of the
TACACS+ server's tac_plus.conf file. For example:
(config auth tacacs+ server 0)> secret testing123
(config auth tacacs+ server 0)>
e. (Optional) Repeat the above steps to add additional TACACS+ servers.
14. Add TACACS+ to the authentication methods. Authentication methods are attempted in the
order they are listed until the first successful authentication result is returned. This example
will add TACACS+ to the end of the list. See
adding methods to the beginning or middle of the list.
(config)> add auth method end tacacs+
(config)>
Digi Connect IT® Mini User Guide
Terminal Access Controller Access-Control System Plus (TACACS+)
User authentication methods
LDAP user configuration
for information about
418
Advertisement
Table of Contents
