StarOS User Account Requirements
TACACS+ users who are allowed administrative access to the system must have the following user account
information defined in StarOS:
•
username
•
password
•
administrative role and privileges
For instructions on defining users and administrative privileges on the system, refer to Configuring System
Administrative Users.
Important
Configuring TACACS+ AAA Services
This section provides an example of how to configure TACACS+ AAA services for administrative users on
the system.
When configuring TACACS+ AAA services for the first time, the administrative user must use
non-TACACS+ services to log into the StarOS. Failure to do so will result in the TACACS+ user being
denied access to the system.
Caution
Log in to the system using non-TACACS+ services.
Use the example below to configure TACACS+ AAA services on the system:
configure
tacacs mode
server priority priority_number ip-address tacacs+srvr_ip_address
end
Note:
•
server priority priority_number: Must be an integer from 1 to 3 (releases prior to 18.2) or 1 through
4 (releases 18.2+), that specifies the order in which this TACACS+ server will be tried for TACACS+
authentication. 1 is the highest priority, and 3 or 4 is the lowest. The priority number corresponds to a
configured TACACS+ server.
•
ip-address: Must be the IPv4 address of a valid TACACS+ server that will be used for authenticating
administrative users accessing this system via TACACS+ AAA services.
•
By default, the TACACS+ configuration will provide authentication, authorization, and accounting
services.
Enable TACACS+ on the StarOS:
configure
aaa tacacs+
end
For additional information, see Disable TACACS+ Authentication for Console, on page 44.
ASR 5500 System Administration Guide, StarOS Release 21.5
42
System Settings
Configuring TACACS+ AAA Services
To Next Page
Loading...
Need help?
General
