<html>
<head>
<style><!--
.hmmessage P
{
margin:0px;
padding:0px
}
body.hmmessage
{
font-size: 10pt;
font-family:Tahoma
}
--></style></head>
<body class='hmmessage'><div dir='ltr'>
Hi Andy,<BR>
<BR>
We have several devices, and most of them are authenticating using TACACS (with AD integration). <BR>
As you said in your post, you have to put the user/pass of the account created in AD.<BR>
You have to take into account (in case of using TACACS) the privilege given to the user, as it could be needed to enable, and also configured at .cloginrc.<BR>
<BR>
<BR>
Regards.<BR>
Mario<BR> <BR>
<DIV>
<DIV id=SkyDrivePlaceholder></DIV>
<HR id=stopSpelling>
From: me@andytownsend.co.uk<BR>Date: Thu, 8 Mar 2012 15:30:47 +0000<BR>To: rancid-discuss@shrubbery.net<BR>Subject: [rancid] Rancid - SSH and AD auth<BR><BR>Firstly thanks to the guys who helped me previously. I've now got a copy of Rancid up and running.
<DIV><BR></DIV>
<DIV>Currently we just use telnet and local pwd's for accessing the switches but I'm looking at changing this to SSH and AD/Radius authentication. </DIV>
<DIV><BR></DIV>
<DIV>Now from what I can see, SSH should be fine and I'm presuming the AD auth will be ok as well. As long as rancid has a domain account it can use, the username/pwd are specified in .cloginrc then it should be all ok?</DIV>
<DIV><BR></DIV>
<DIV>Just wondering if anyone has set it up like this in the past? I think it should be all ok, just wanted to double check and see if there were any major gotchas.</DIV>
<DIV><BR></DIV>
<DIV>Cheers,</DIV>
<DIV>Andy</DIV><BR>_______________________________________________ Rancid-discuss mailing list Rancid-discuss@shrubbery.net http://www.shrubbery.net/mailman/listinfo.cgi/rancid-discuss</DIV> </div></body>
</html>