Command Reference Guide Global Configuration Mode Command Set
61200510L1-35E Copyright © 2005 ADTRAN 333

aaa authentication login [<listname> | default] [none | line | enable |

local | group <groupname> | group radius | group tacacs+]

Use the aaa authentication login command to create (or change) a named list with the ability to have a
chain of fallback authentication methods for user authentication. Available methods for the fallback
authentication methods are: no authentication (which grants login access without authentication), line
password, enable password, local database, and defined group of servers. The de fined server groups may
be TACACS+ or RADIUS servers. For more detailed information on AAA functionality, refer to the
Technology Review section of the command aaa on on page 340.
Syntax Description
<listname
>
Specifies a named login list.
default Specifies the default list used to authentica te user s wh en no othe r list is assigned.
none Access automatically granted.
line Uses line password (Telnet 0-4 or console 0-1) for authentication.
enable Uses enable password for authentication.
local Uses local user database for authentication.
group <groupname> Uses specified group of remote servers for authentication.
group radius Uses defined RADIUS servers for authentication.
group tacacs+ Uses defined TACACS+ se rvers for authentication.
Default Values
The login list named default is the default list used to authenticate users when no other list is assigned.
Applicable Platforms
This command applies to the NetVanta 300, 1000, 1000R, 2000, 3000, 4000, and 5000 and
Total Access 900 Series units .
Command History
Release 5.1 Command was introduced.
Release 11. The group tacacs+ command was added.
Functional Notes
A user is authenticated by trying th e list of metho ds from first to las t until authentication succeeds or fails. If
a method does not succeed or fail, the next method is tried. The local user data base method falls through
to the next method if the usern ame does not a ppear in the dat abase. The group metho d falls through if the
servers in the remote group cannot be found. Refer to the command radius-server on page 492 or
tacacs-server on page 527 for information on defining server groups.