[tac_plus] Re: Privilege Level / Configuration Changes

Mon Oct 22 19:49:17 UTC 2007

Thank You, The restarting command works great, but I still can't login
and have a user be in enable mode without having to type the enable
password.

The statement for this user looks like:

user = jcharlton {
        login = des *****
        member = staff
}

With the commands you provided me, my file looks like this, but not
acting as I thought it would.

user = jcharlton {
        login = des sK7fnk8/W5Cvc
        member = staff
		service = exec {
			priv-lvl=15
	}

}

Thanks for any further help.

Jason Charlton, CCNA
DataPoint Inc.
410-209-6770
noc at datapointinc.com

-----Original Message-----
From: john heasley [mailto:heas at shrubbery.net] 
Sent: Monday, October 22, 2007 3:23 PM
To: Jason Charlton
Cc: tac_plus at shrubbery.net
Subject: Re: [tac_plus] Privilege Level / Configuration Changes

Mon, Oct 22, 2007 at 03:15:29PM -0400, JCharlton at DataPointInc.com:
> Hello,
> 
>  
> 
> I have 2 questions.  First one is, I am using tacacs+-F4.0.4.10, on
> CentOS 5.  I am trying to make it so on a per user basis, when they
> authenticate to our Cisco gear, they go into enable mode instead of
> starting in user mode, like you are able to do when you configure
> usernames with privilege 15 on a Cisco router or switch.

user = name {
        service = exec {
                priv-lvl=15
        }
}

> Another thing is that I am trying to make a script or make it so that
if
> you change the configuration file, that you do not have to restart the
> box to make the change go though, because unfortunately that is the
only
> way I have found to make it apply the configuration changes in the
conf
> file, and I still have to do tac_plus -C /(file) after restart.

kill -1 `cat /var/run/tac_plus.pid`