xStack
Command: create authen_login method_list_name Trinity
Success.
config authen_login
Purpose | Used to configure a |
| authentication methods for user login. |
Syntax | config authen_login [default method_list_name <string 15>] |
| method {tacacs xtacacs tacacs+ radius server_group |
| <string 15> local none} |
Description | This command will configure a |
| authentication methods for users logging on to the Switch. The |
| sequence of methods implemented in this command will affect the |
| authentication result. For example, if a user enters a sequence of |
| methods like tacacs – xtacacs – local, the Switch will send an |
| authentication request to the first tacacs host in the server group. If |
| no response comes from the server host, the Switch will send an |
| authentication request to the second tacacs host in the server group |
| and so on, until the list is exhausted. At that point, the Switch will |
| restart the same sequence with the following protocol listed, xtacacs. |
| If no authentication takes place using the xtacacs list, the local |
| account database set in the Switch is used to authenticate the user. |
| When the local method is used, the privilege level will be dependant |
| on the local account privilege configured on the Switch. |
| Successful login using any of these methods will give the user a |
| “user” privilege only. If the user wishes to upgrade his or her status to |
| the administrator level, the user must implement the enable admin |
| command, followed by a previously configured password. (See the |
| enable admin part of this section for more detailed information, |
| concerning the enable admin command.) |
Parameters | default – The default method list for access authentication, as defined |
| by the user. The user may choose one or a combination of up to four |
| (4) of the following authentication methods: |
| tacacs – Adding this parameter will require the user to be |
| authenticated using the TACACS protocol from the remote |
| TACACS server hosts of the TACACS server group list. |
| xtacacs – Adding this parameter will require the user to be |
| authenticated using the XTACACS protocol from the remote |
| XTACACS server hosts of the XTACACS server group list. |
| tacacs+ – Adding this parameter will require the user to be |
| authenticated using the TACACS+ protocol from the remote |
| TACACS+ server hosts of the TACACS+ server group list. |
| radius - Adding this parameter will require the user to be |
| authenticated using the RADIUS protocol from the RADIUS |
| server listed in the server group list. |
| server_group <string 15> - Adding this parameter will require |
| the user to be authenticated using a |
| group previously configured on the Switch. |
| local - Adding this parameter will require the user to be |
156
