Cisco Systems XR manual Aaa accounting system default, SR-4

Page 4

Authentication, Authorization, and Accounting Commands on Cisco IOS XR Software

aaa accounting system default

aaa accounting system default

Syntax Description

Defaults

Command Modes

Command History

To enable authentication, authorization, and accounting (AAA) system accounting, use the aaa accounting system default command in global configuration mode. To disable system accounting, use the no form of this command.

aaa accounting system default {start-stop stop-only} {none method}

no aaa accounting system default

start-stop	Sends a “start accounting” notice during system bootup and a “stop accounting”
	notice during system shutdown or reload.

stop-only	Sends a “stop accounting” notice during system shutdown or reload.

none	Uses no accounting.

method	Method used to enable AAA system accounting. The value is one of the
	following options:

•group tacacs+—Uses the list of all TACACS+ servers for accounting.

•group radius—Uses the list of all RADIUS servers for accounting.

•group named-group—Uses a named subset of TACACS+ or RADIUS servers for accounting, as defined by the aaa group server tacacs+ or aaa group server radius command.

AAAaccounting is disabled.

Global configuration

Release Modification

Release 2.0 This command was introduced on the Cisco CRS-1.

Release 3.0 No modification.

Release 3.2 This command was supported on the Cisco XR 12000 Series Router.

Release 3.3.0 The method argument was added to specify either group tacacs+, group radius, or group named-groupoptions.

Usage Guidelines To use this command, you must be in a user group associated with a task group that includes the proper task IDs. For detailed information about user groups and task IDs, see the Configuring AAA Services on Cisco IOS XR Software module of the Cisco IOS XR System Security Configuration Guide.

System accounting does not use named accounting lists; you can define only the default list for system accounting.

Cisco IOS XR System Security Command Reference

SR-4

Image 4

Contents SR-1 Aaa accounting SR-2Aaa Read, write Creates a method list to be used for authorizationSR-3 Aaa accounting system default SR-4Creates a method list for authorization Creates a method list for authenticationSR-5 Aaa authentication SR-6Creates a method list for accounting Radius, group named-group,local, or line optionsSR-7 Command Description SR-8Aaa authorization NetworkLocal SR-9SR-10 Which specifies that TACACS+ authorization is used SR-11Aaa default-taskgroup SR-12Aaa group server radius SR-13Comprises three member servers SR-14Aaa group server tacacs+ SR-15SR-16 Accounting Aaa accounting commandSR-17 List named listname2 on a line template named configure SR-18Authorization command AuthorizationSR-19 Listname4 on a line template named configure SR-20Deadtime minutes no deadtime Deadtime server-group configurationSR-21 Related Commands Description SR-22Description string No description Description AAASR-23 Taskgroup SR-24Group SR-25Task ID Examples SR-26Inherit taskgroup SR-27SR-28 Inherit usergroup usergroup-name Inherit usergroupSR-29 Sales user group SR-30Authentication login command Login authenticationSR-31 SR-32 Password 0 7 password No password 0 7 password Password AAASR-33 SR-34 Radius-server dead-criteria time SR-35SR-36 Radius-server dead-criteria tries SR-37Dead-criteria time SR-38Radius-server deadtime minutes No radius-server deadtime Radius-server deadtimeSR-39 SR-40 Timeout seconds Radius-server hostRetransmit retries SR-41SR-42 SR-43 Radius-server key SR-44Specifies a Radius server host SR-45Radius-server retransmit SR-46Radius-server timeout seconds No radius-server timeout Radius-server timeoutSR-47 Radius source-interface SR-48Outgoing Radius packets SR-49Secret 0 5 secret no secret 0 5 secret SecretSR-50 SR-51 Server Radius SR-52SR-53 Server TACACS+ SR-54Groups different TACACS+ server hosts into distinct lists SR-55Show aaa SR-56SR-57 Aaa usergroup operatorSR-58 Displays task IDs enabled for the currently logged-in user SR-59If no radius servers are configured, no output is displayed Show radiusShow radius SR-60Field Description SR-61Show radius accounting Show radius accountingSR-62 Show radius authentication SR-63Show radius authentication Show radius authenticationSR-64 Show radius accounting SR-65Show radius client Show radius clientSR-66 SR-67 Show radius dead-criteria SR-68SR-69 No default behavior or values Show radius server-groupsShow radius server-groups SR-70Field Description SR-71Show tacacs Show tacacsSR-72 SR-73 Show tacacs server-groups Show tacacs server-groupsSR-74 SR-75 Show task supported Show task supportedSR-76 SR-77 Ouni pkg-mgmt pos-dpt pppShow user SR-78SR-79 User allSR-80 SR-81 Tacacs-server host SR-82SR-83 Tacacs-server key key-nameno tacacs-server key Tacacs-server keySR-84 Specifies a TACACS+ host SR-85Tacacs-server timeout seconds No tacacs-server timeout Tacacs-server timeoutSR-86 Tacacs source-interface SR-87Aaa group server radius SR-88Task WriteExecute DebugSR-90 Taskgroup SR-91Adds a task ID to a task group Creates a task group description in task configuration modeSR-92 Timeout login response SR-93Enables AAA authentication for logins SR-94Usergroup SR-95Creates a description of a task group during configuration SR-96Username SR-97Defines a method list for authentication Creates a login password for a userAdds a user to a group SR-98Users group SR-99Given operator privileges SR-100