[tac_plus] Re: ACE authentication
John Payne
john at sackheads.org
Thu Oct 16 04:02:50 UTC 2008
On Oct 15, 2008, at 7:12 PM, John Payne <john at sackheads.org> wrote:
>
> On Oct 14, 2008, at 6:25 PM, John Payne wrote:
>
>> Has anyone had luck translating:
>>
>> 4. Under the TACACS+ Settings section of the page, configure the
>> following
>> settings:
>> – Click the Shell (exec) check box.
>> – Click the Custom attributes check box.
>> – In the text box below Custom attributes, enter the user role and
>> associated
>> domain for a specific context in the following format:
>> shell:<contextname>=<role> <domain1> <domain2>...<domainN>
>> For example, to assign the selected user to the C1 context with the
>> role
>> ROLE1 and the domain DOMAIN1, enter shell:C1=ROLE1 DOMAIN1.
>>
>>
>> Into tac_plus format? I'm trying various combinations under
>> service=shell, but I'm getting stuck with the Network-Monitor role,
>> not the Admin role.
>
> Answering my own question:
>
> service = exec {
> shell:Admin = "Admin default-domain"
> }
>
> (shell:context = "role domain")
Argh... Except that broke authentication for IOS devices....
Help?
More information about the tac_plus
mailing list