Cisco Nexus 5000 Series Switch CLI Software Configuration Guide, NX-OS 4.0(1a)N1 (OL-16597-01, January 2009)

ManualsBrandsHP ManualsStorageCisco MDS 9513 with Supervisor 2 Director Switch

241

242

243

244

245

246

247

248

249

250

Send feedback to nx5000-docfeedback@cisco.com

16-12

Cisco Nexus 5000 Series Switch CLI Software Configuration Guide

OL-16597-01

Chapter 16 Configuring AAA

Displaying and Clearing the Local AAA Accounting Log

If you do not specify the role option in the cisco-av-pair attribute, the default user role is

network-operator.

You can also specify your SNMPv3 authentication and privacy protocol attributes as follows:

shell:roles="roleA roleB..." snmpv3:auth=SHA priv=AES-128

The SNMPv3 authentication protocol options are SHA and MD5. The privacy protocol options are

AES-128 and DES. If you do not specify these options in the cisco-av-pair attribute, MD5 and DES are

the default authentication protocols.

For more information on user roles, see Chapter 22, “Configuring User Accounts and RBAC.”

Displaying and Clearing the Local AAA Accounting Log

The Nexus 5000 Series switch maintains a local log for the AAA accounting activity. To display this log

and clear it, perform this task:

Verifying AAA Configuration

To display AAA configuration information, perform one of the following tasks:

Example AAA Configuration

The following example shows how to configure AAA:

aaa authentication login default group radius

aaa authentication login console group radius

Command Purpose

Step 1

switch# show accounting log [size]

[start-time year month day hh:mm:ss]

Displays the accounting log contents. By default,

the command output contains up to 250,000 bytes of

the accounting log. You can use the size argument to

limit command output. The range is from 0 to

250000 bytes. You can also specify a start time for

the log output.

Step 2

switch# clear accounting log

(Optional) Clears the accounting log contents.

Command Purpose

show aaa accounting Displays AAA accounting configuration.

show aaa authentication [login {error-enable |

mschap}]

Displays AAA authentication information.

show aaa groups Displays the AAA server group configuration.

show running-config aaa [all] Displays the AAA configuration in the running

configuration.

show startup-config aaa Displays the AAA configuration in the startup

configuration.