Table of Contents
Advertisement
Media Flow Controller Administrator's Guide
aaa
Configure AAA (authentication, authorization and accounting) settings; AAA accounting
options are not supported at this time. RADIUS or TACACS+ authentication must be
configured before these options can be specified with this command.
aaa (authentication)
Configure authentication settings.
aaa
authentication login default <method> [<method>] [<method>] [<method>]
Notes:
•
authentication login default <method>
methods for system logins. Choose from ldap, local, radius, tacacs+. The order in which
the methods are specified is the order in which they are attempted. Default is local. Use
no aaa authentication login to reset default.
aaa (authorization)
Configure authorization settings.
aaa authorization map
default-user <user>
order {remote-only | remote-first | local-only}
Notes:
•
default-user <username>
via RADIUS or TACACS+ is logged on as; you must enter a username that exists locally
and is enabled. This mapping is used depending on the setting of authorization map
order. Use no to reset default (admin).
•
order
RADIUS or TACACS+. Again, if the authenticated user name is valid locally, no mapping
is performed. Use no aaa authorization map order to reset default (remote-first).
Arguments:
•
remote-only
server sends a local-user mapping attribute; otherwise, no further mapping is tried.
•
remote-first
local user name, map the authenticated user to the local user specified in the attribute.
Otherwise, if the attribute is not present or not valid locally, use the user specified by
the default-user command.
•
local-only
authorization map default-user <user name> command. Any vendor attributes
received by an authentication server are ignored.
show aaa
List current authentication and authorization settings.
— Determine how the remote user mapping behaves when authenticating users via
— Only try to map a remote authenticated user if the authentication
(default) — If a local-user mapping attribute is returned and is a valid
— All remote users are mapped to the user specified by the aaa
—Set the list of acceptable authentication
—Specify what local account a non-local user authenticated
Media Flow Controller CLI Commands
aaa
289
Advertisement
Chapters
Table of Contents
Troubleshooting
