Cisco Systems XR manual Taskgroup, SR-91

Page 91

Authentication, Authorization, and Accounting Commands on Cisco IOS XR Software

taskgroup

taskgroup

To configure a task group to be associated with a set of task IDs, and to enter task group configuration mode, use the taskgroup command in global configuration mode. To delete a task group, use the no form of this command.

taskgroup taskgroup-name[description string task {read write execute debug} taskid-nameinherit taskgroup taskgroup-name]

no taskgroup taskgroup-name

Syntax Description

taskgroup-name

Name of a particular task group.

 

description

(Optional) Enables you to create a description for the named task group.

 

 

 

 

string

(Optional) Character string used for the task group description.

 

 

 

 

task

(Optional) Specifies that a task ID is to be associated with the named task group.

 

 

 

 

read

(Optional) Specifies that the named task ID permits read access only.

 

 

 

 

write

(Optional) Specifies that the named task ID permits read and write access only.

 

 

 

 

execute

(Optional) Specifies that the named task ID permits execute access.

 

 

 

 

debug

(Optional) Specifies that the named task ID permits debug access only.

 

 

 

 

taskid-name

(Optional) Name of a task: the task ID.

 

 

 

 

inherit taskgroup

(Optional) Copies permissions from the named task group.

 

 

 

 

taskgroup-name

(Optional) Name of the task group from which permissions are to be inherited.

 

 

 

Defaults

Command Modes

Command History

Five predefined user groups are available by default.

Global configuration

Release

Modification

Release 2.0

This command was introduced on the Cisco CRS-1.

 

 

Release 3.0

No modification.

 

 

Release 3.2

This command was supported on the Cisco XR 12000 Series Router.

 

 

Release 3.3.0

Support was added to display all task groups in global configuration mode.

 

 

Usage Guidelines To use this command, you must be in a user group associated with a task group that includes the proper task IDs. For detailed information about user groups and task IDs, see the Configuring AAA Services on Cisco IOS XR Software module of the Cisco IOS XR System Security Configuration Guide.

Task groups are configured with a set of task IDs for each action type. Deleting a task group that is still referenced in the system results in a warning and rejection of the deletion.

From global configuration mode, you can display all the configured task groups. However, you cannot display all the configured task groups in taskgroup configuration mode.

Cisco IOS XR System Security Command Reference

SR-91

Image 91
Contents SR-1 SR-2 Aaa accountingAaa Read, write Creates a method list to be used for authorizationSR-3 SR-4 Aaa accounting system defaultCreates a method list for authorization Creates a method list for authenticationSR-5 SR-6 Aaa authenticationCreates a method list for accounting Radius, group named-group,local, or line optionsSR-7 SR-8 Command DescriptionSR-9 Aaa authorizationNetwork LocalSR-10 SR-11 Which specifies that TACACS+ authorization is usedSR-12 Aaa default-taskgroupSR-13 Aaa group server radiusSR-14 Comprises three member serversSR-15 Aaa group server tacacs+SR-16 Accounting Aaa accounting commandSR-17 SR-18 List named listname2 on a line template named configureAuthorization command AuthorizationSR-19 SR-20 Listname4 on a line template named configureDeadtime minutes no deadtime Deadtime server-group configurationSR-21 SR-22 Related Commands DescriptionDescription string No description Description AAASR-23 SR-24 TaskgroupSR-25 GroupSR-26 Task ID ExamplesSR-27 Inherit taskgroupSR-28 Inherit usergroup usergroup-name Inherit usergroupSR-29 SR-30 Sales user groupAuthentication login command Login authenticationSR-31 SR-32 Password 0 7 password No password 0 7 password Password AAASR-33 SR-34 SR-35 Radius-server dead-criteria timeSR-36 SR-37 Radius-server dead-criteria triesSR-38 Dead-criteria timeRadius-server deadtime minutes No radius-server deadtime Radius-server deadtimeSR-39 SR-40 SR-41 Timeout secondsRadius-server host Retransmit retriesSR-42 SR-43 SR-44 Radius-server keySR-45 Specifies a Radius server hostSR-46 Radius-server retransmitRadius-server timeout seconds No radius-server timeout Radius-server timeoutSR-47 SR-48 Radius source-interfaceSR-49 Outgoing Radius packetsSecret 0 5 secret no secret 0 5 secret SecretSR-50 SR-51 SR-52 Server RadiusSR-53 SR-54 Server TACACS+SR-55 Groups different TACACS+ server hosts into distinct listsSR-56 Show aaaAaa usergroup operator SR-57SR-58 SR-59 Displays task IDs enabled for the currently logged-in userSR-60 If no radius servers are configured, no output is displayedShow radius Show radiusSR-61 Field DescriptionShow radius accounting Show radius accountingSR-62 SR-63 Show radius authenticationShow radius authentication Show radius authenticationSR-64 SR-65 Show radius accountingShow radius client Show radius clientSR-66 SR-67 SR-68 Show radius dead-criteriaSR-69 SR-70 No default behavior or valuesShow radius server-groups Show radius server-groupsSR-71 Field DescriptionShow tacacs Show tacacsSR-72 SR-73 Show tacacs server-groups Show tacacs server-groupsSR-74 SR-75 Show task supported Show task supportedSR-76 Ouni pkg-mgmt pos-dpt ppp SR-77SR-78 Show userUser all SR-79SR-80 SR-81 SR-82 Tacacs-server hostSR-83 Tacacs-server key key-nameno tacacs-server key Tacacs-server keySR-84 SR-85 Specifies a TACACS+ hostTacacs-server timeout seconds No tacacs-server timeout Tacacs-server timeoutSR-86 SR-87 Tacacs source-interfaceSR-88 Aaa group server radiusDebug TaskWrite ExecuteSR-90 SR-91 TaskgroupAdds a task ID to a task group Creates a task group description in task configuration modeSR-92 SR-93 Timeout login responseSR-94 Enables AAA authentication for loginsSR-95 UsergroupSR-96 Creates a description of a task group during configurationSR-97 UsernameSR-98 Defines a method list for authenticationCreates a login password for a user Adds a user to a groupSR-99 Users groupSR-100 Given operator privileges