<div dir="ltr">Hi Daniel, <div><br></div><div style>This worked very well thank you. Is it possible to have multiple service entries? I am not sure how to get around that as I use both juniper and cisco gear I have an issue with auth using both. </div>
<div style><br></div><div style>Tom </div></div><div class="gmail_extra"><br><br><div class="gmail_quote">On Thu, Mar 14, 2013 at 4:29 PM, Daniel Schmidt <span dir="ltr"><<a href="mailto:daniel.schmidt@wyo.gov" target="_blank">daniel.schmidt@wyo.gov</a>></span> wrote:<br>
<blockquote class="gmail_quote" style="margin:0 0 0 .8ex;border-left:1px #ccc solid;padding-left:1ex">Checkout do_auth.py. Several people have reported it to be very useful.<br>
I've been meaning to do some more work on it and Jathan had some excellent<br>
ideas.<br>
<br>
<a href="http://tacacs.org" target="_blank">tacacs.org</a><br>
<div><div class="h5"><br>
-----Original Message-----<br>
From: <a href="mailto:tac_plus-bounces@shrubbery.net">tac_plus-bounces@shrubbery.net</a><br>
[mailto:<a href="mailto:tac_plus-bounces@shrubbery.net">tac_plus-bounces@shrubbery.net</a>] On Behalf Of Tom Murch<br>
Sent: Thursday, March 14, 2013 12:43 PM<br>
To: <a href="mailto:tac_plus@shrubbery.net">tac_plus@shrubbery.net</a><br>
Subject: [tac_plus] multiple groups per user<br>
<br>
Hello I am trying to get this working. Reading the mailing list I was<br>
under the impression this was fixed. I am trying to have the same users<br>
admin both juniper and hp gear.<br>
<br>
#<br>
# tacacs configuration file<br>
# xxxxx -<br>
# /etc/tac_plus.conf<br>
<br>
# set the key<br>
key = xxxxx<br>
<br>
accounting file = /var/log/tac_plus.acct<br>
<br>
#group accounts<br>
<br>
group = admins {<br>
## cli service for junipers<br>
service = junos-exec<br>
{<br>
local-user-name = admins<br>
allow-commands = "all"<br>
allow-configuration = "all"<br>
deny-commands = ""<br>
deny-configuration = ""<br>
}<br>
}<br>
<br>
group = admins2 {<br>
default service = permit<br>
service = exec {<br>
priv-lvl = 15<br>
}<br>
}<br>
<br>
# users accounts<br>
user = tom {<br>
<br>
member = admins<br>
login = des "xxxxx"<br>
enable = cleartext "xxxxx"<br>
name = "Thomas Murch"<br>
}<br>
<br>
user = tomhp {<br>
member = admins2<br>
login = des "xxxxxx"<br>
enable = cleartext "xxxx"<br>
name = "Thomas Murch"<br>
}<br>
</div></div>-------------- next part --------------<br>
An HTML attachment was scrubbed...<br>
URL:<br>
<<a href="http://www.shrubbery.net/pipermail/tac_plus/attachments/20130314/2e757a13
/attachment.html" target="_blank">http://www.shrubbery.net/pipermail/tac_plus/attachments/20130314/2e757a13<br>
/attachment.html</a>><br>
_______________________________________________<br>
tac_plus mailing list<br>
<a href="mailto:tac_plus@shrubbery.net">tac_plus@shrubbery.net</a><br>
<a href="http://www.shrubbery.net/mailman/listinfo.cgi/tac_plus" target="_blank">http://www.shrubbery.net/mailman/listinfo.cgi/tac_plus</a><br>
<br>
E-Mail to and from me, in connection with the transaction<br>
of public business, is subject to the Wyoming Public Records<br>
Act and may be disclosed to third parties.<br>
<br>
</blockquote></div><br></div>