ArubaOS and Controllers

Reply
New Contributor
Posts: 2
Registered: ‎10-13-2008

Tacacs admin mgmt using ACS5

Does anyone know which vendor attributes are required for tacacs admin authentication. Also, how to set them up on ACS5 and values associated with each attribute.
Guru Elite
Posts: 21,010
Registered: ‎03-29-2007

Do Not need Attributes

You do NOT need to pass attributes when using TACACS.


Colin Joseph
Aruba Customer Engineering

Looking for an Answer? Search the Community Knowledge Base Here: Community Knowledge Base

New Contributor
Posts: 2
Registered: ‎10-13-2008

Re: Tacacs admin mgmt using ACS5

I guess the question is how to segregate access between different users and user groups. If I create the following role condition it works but I don't want to create one for every user - "set role condition User-Name equals "ofilipe" set-value root". I tried the below with the ldap group but it doesn't give me root access. I am allowed to login.

set role condition memberOf contains NSG-LAN-RW set-value root
Guru Elite
Posts: 21,010
Registered: ‎03-29-2007

Radius

This works with Radius, but not TACACs at this time. The Aruba Controller does not act on tacacs attributes. Check out the article here: http://airheads.arubanetworks.com/vBulletin/showthread.php?t=704


Colin Joseph
Aruba Customer Engineering

Looking for an Answer? Search the Community Knowledge Base Here: Community Knowledge Base

Search Airheads
Showing results for 
Search instead for 
Did you mean: