Snmpv3 Cli User Management And Aaa Integration; Cli And Snmp User Synchronization - Cisco AP776A - Nexus Converged Network Switch 5020 Configuration Manual
Cisco mds 9000 family cli configuration guide - release 4.x (ol-18084-01, february 2009)
Hide thumbs
Also See for AP776A - Nexus Converged Network Switch 5020:
- Command reference manual (1640 pages) ,
- Configuration manual (1486 pages) ,
- Reference (886 pages)
Table of Contents
Advertisement
Chapter 33
Configuring SNMP
S e n d d o c u m e n t a t i o n c o m m e n t s t o m d s f e e d b a c k - d o c @ c i s c o . c o m
Command
Step 2
switch(config)# snmp-server contact NewUser
switch(config)# no snmp-server contact NewUser
Step 3
switch(config)# snmp-server location SanJose
switch(config)# no snmp-server location SanJose
SNMPv3 CLI User Management and AAA Integration
The Cisco NX-OS software implements RFC 3414 and RFC 3415, including user-based security model
(USM) and role-based access control. While SNMP and the CLI have common role management and
share the same credentials and access privileges, the local user database was not synchronized in earlier
releases.
SNMPv3 user management can be centralized at the AAA server level. This centralized user
management allows the SNMP agent running on the Cisco MDS switch to leverage the user
authentication service of the AAA server. Once user authentication is verified, the SNMP PDUs are
processed further. Additionally, the AAA server is also used to store user group names. SNMP uses the
group names to apply the access/role policy that is locally available in the switch.
This section includes the following topics:
•
•
•
CLI and SNMP User Synchronization
Any configuration changes made to the user group, role, or password results in database synchronization
for both SNMP and AAA.
To create an SNMP or CLI user, use either the username or snmp-server user commands.
•
•
Users are synchronized as follows:
•
•
Note
•
OL-18084-01, Cisco MDS NX-OS Release 4.x
CLI and SNMP User Synchronization, page 33-3
Restricting Switch Access, page 33-4
Group-Based SNMP Access, page 33-4
The
passphrase specified in the snmp-server user command is synchronized as the password
auth
for the CLI user.
The password specified in the username command is synchronized as the
passphrases for the SNMP user.
Deleting a user using either command results in the user being deleted for both SNMP and the CLI.
User-role mapping changes are synchronized in SNMP and the CLI.
When the passphrase/password is specified in localized key/encrypted format, the password is
not synchronized.
Existing SNMP users continue to retain the auth and priv passphrases without any changes.
SNMPv3 CLI User Management and AAA Integration
Purpose
Assigns the contact name for the switch.
Deletes the contact name for the switch.
Assigns the switch location.
Deletes the switch location.
Cisco MDS 9000 Family CLI Configuration Guide
and
auth
priv
33-3
Hide quick links:
Advertisement
Table of Contents
Troubleshooting
Need help?
Do you have a question about the AP776A - Nexus Converged Network Switch 5020 and is the answer not in the manual?
Questions and answers