Users Guide
106 | Services Dell Networking W-ClearPass Policy Manager 6.6 | User Guide
Parameter Action/Description
Name Select the name of the service rule from the drop-down list.
Operator Select an appropriate operator from the list of operators for the data type of the
attribute.
For example, you can select from BELONGS_TO, NOT_BELONGS_TO, CONTAINS, or
EQUALS.
Value Select the value from the drop-down list. The value list depends on the operator
selected.
Table 41: Add TACACS+ Enforcement > Service Tab Parameters (Continued)
Configuring a TACACS+ Multi-Factor Authentication Service
W-ClearPass provides a way to differentiate between a TACACS+ login authentication and a TACACS+ enable
authentication.
To do so, in Service and Policy rule configuration, you can use the Authentication type
TacacsAuthenService parameter. This parameter accepts three values: None, Login, or Enable.
Note that an Enforcement policy can also use the Authentication: TacacsAuthenService attribute in the
Rules Editor > Conditions section of the policy configuration.
Creating a TACACS+ Multi-Factor Authentication Service
To apply the TacacsAuthenService parameter in a TACACS+ Enforcement service:
1. Navigate to Configuration > Services, then select the Add link.
The TACACS+ Enforcement service configuration dialog opens:
Figure 68: Configuring a TACACS+ Multi-Factor Authentication Service
2. Specify the TACACS+ Enforcement Service parameters as described in the following table: