Technical data

106 ServerIron ADX Administration Guide
53-1002434-01
To display user account information, enter the following command.
ServerIronADX(config)# show users
Username  Password                            Encrypt  Priv  Status   Expire Time
===================================================================================
admin     $1$T62..hu1$hmRolcV1Vwc.FCtXVD6h9/  enabled  0     enabled  Never
Syntax: show users
Configuring TACACS or TACACS+ security
You can use the security protocol Terminal Access Controller Access Control System (TACACS) or
TACACS+ to authenticate the following kinds of access to the ServerIron.
• Telnet access
• SSH access
• Web management access
• Access to the Privileged EXEC level and CONFIG levels of the CLI
NOTE
You cannot authenticate IronView (SNMP) access to a ServerIron using TACACS or TACACS+.
The TACACS and TACACS+ protocols define how authentication, authorization, and accounting
information is sent between a ServerIron and an authentication database on a TACACS or TACACS+
server. TACACS or TACACS+ services are maintained in a database, typically on a UNIX workstation
or PC with a TACACS or TACACS+ server running.
How TACACS+ differs from TACACS
TACACS is a simple UDP-based access control protocol originally developed by BBN for MILNET.
TACACS+ is an enhancement to the TACACS security protocol and uses TCP to ensure reliable delivery.
TACACS+ improves on TACACS by separating the functions of authentication, authorization, and
accounting (AAA) and by encrypting all traffic between the ServerIron and the TACACS+ server.
TACACS+ allows authentication exchanges of arbitrary length and content, so any authentication
mechanism can be used with the ServerIron. TACACS+ is extensible, providing for site customization
and future development features. The protocol allows the ServerIron to request very precise access
control and allows the TACACS+ server to respond to each component of that request.
NOTE
TACACS+ provides for authentication, authorization, and accounting, but an implementation or
configuration is not required to employ all three.