Chapter 14: Command Line Configuration
14.1.4 Authentication
To change the type of authentication for the Console Server:
# config -s config.auth.type='authtype'
'authtype' can be:
Local
LocalTACACS
TACACS
TACACSLocal
TACACSDownLocal
LocalRADIUS
RADIUS
RADIUSLocal
RADIUSDownLocal
LocalLDAP
LDAP
LDAPLocal
LDAPDownLocal
To configure TACACS authentication:
# config -s config.auth.tacacs.auth_server='comma separated list' (list of remote authentiction and authorization
servers.)
# config -s config.auth.tacacs.acct_server='comma separated list' (list of remote accounting servers. If unset,
Authentication and Authorization Server Address will be used.)
# config -s config.auth.tacacs.password='password'
To configure RADIUS authentication:
# config -s config.auth.radius.auth_server='comma separated list' (list of remote authentiction and authorization servers.)
# config -s config.auth.radius.acct_server='comma separated list' (list of remote accounting servers. If unset,
Authentication and Authorization Server Address will be used.)
# config -s config.auth.radius.password='password'
To configure LDAP authentication:
# config -s config.auth.ldap.server='comma separated list' (list of remote servers.)
# config -s config.auth.ldap.basedn='name' (The distinguished name of the search base. For example: dc=my-
company,dc=com)
# config -s config.auth.ldap.binddn='name' (The distinguished name to bind to the server with. The default is to bind
anonymously.)
# config -s config.auth.radius.password='password'
The following command will synchronize the live system with the new configuration:
# config -r auth
185