Administrator Guide

ManualsBrandsDell ManualsAccess PlatformsPowerSwitch S6100-ON

1311

Version Description

8.3.7.0 Introduced on the S4810.

7.6.1.0 Introduced on the S-Series.

7.5.1.0 Introduced on the C-Series.

pre-6.2.1.0 Introduced on the E-Series.

Usage Information

By default, the locally configured username password is used. If you configure aaa authentication login

default, Dell EMC Networking OS uses the methods this command defines for login instead.

Methods configured with the aaa authentication login command are evaluated in the order they are

configured. If users encounter an error with the first method listed, Dell EMC Networking OS applies the next

method configured. If users fail the first method listed, no other methods are applied. The only exception is the

local method. If the user’s name is not listed in the local database, the next method is applied. If the correct user

name/password combination is not entered, the user is not allowed access to the switch.

NOTE: If authentication fails using the primary method, Dell EMC Networking OS employs the

second method (or third method, if necessary) automatically. For example, if the TACACS+ server

is reachable, but the server key is invalid, Dell EMC Networking OS proceeds to the next

authentication method. The TACACS+ is incorrect, but the user is still authenticated by the

secondary method.

After configuring the aaa authentication login command, configure the login authentication

command to enable the authentication scheme on terminal lines.

Connections to the SSH server work with the following login mechanisms: local, radius, and tacacs.

Commands

• login authentication — enables AAA login authentication on the terminal lines.

• password — creates a password.

• radius-server host — specifies a RADIUS server host.

• tacacs-server host — specifies a TACACS+ server host.

aaa reauthenticate enable

Enable re-authentication of user whenever there is a change in the authenticators.

Syntax

aaa reauthenticate enable

To disable the re-authentication option, use the no aaa reauthenticate enable command.

Defaults Disabled

Command Modes CONFIGURATION

Command History

This guide is platform-specific. For command information about other platforms, see the relevant Dell EMC

Networking OS Command Line Reference Guide.

Version Description

9.11(0.0) Introduced this command.

Usage Information

When an operating system enables to change the user authenticators, the users might access resources and

perform tasks that they do not have authorization.

Once re-authentication is enabled, Dell EMC Networking OS prompts the users to re-authenticate whenever

there is a change in authenticators.

The change in authentication happens when:

• Add or remove an authentication server (RADIUS/TACACS+)

• Modify an AAA authentication/authorization list

• Change to role-only (RBAC) mode

Security 1317