HP Intelligent Management Center v5.1 TACACS+ Authentication Manager Administrator Guide
17
Figure 16 Entering the page for configuring LDAP synchronization policies
Configuring a device
When you configure a device, the following order is recommended:
1. Creating a TACACS+ scheme.
2. Creating a domain.
3. Configuring scheme authentication and enabling command line authorization and accounting.
Creating a TACACS+ scheme
A device cooperates with the TAM server to implement TACACS+ authentication according to the
configured TACACS+ scheme. Follow these guidelines when you configure a TACACS+ scheme:
• The IP address specified for the AAA server in the TACACS+ scheme must be the IP address of the
TAM server.
• The shared key, and the authentication, authorization, and accounting ports specified in the
TACACS+ scheme must be the same as those configured on the TAM server.
• If you specify the nas-ip in the TACACS+ scheme, configure the IP address of the device as the
nas-ip. If you do not specify the nas-ip in the TACACS+ scheme, configure the IP address of the
device as the IP address of the interface that connects the device to the TAM server.
Creating a domain
The scheme used in a domain for login, raising the right, and command line authorization must be the
TACACS+ scheme that you have just created.
Configuring scheme authentication and enabling command line authorization and accounting
Configure the scheme authentication on different interfaces for different login methods.