User authentication
Terminal Access Controller Access-Control System Plus ()
IX10 User Guide
617
4. Add servers:
a. For
Add server
, click
.
b. For
Hostname
, type the hostname or IP address of the server.
c. (Optional) Change the default
Port
setting to the appropriate port. Normally this should
be left at the default setting of port 49.
d. For
Secret
, type the server's shared secret. This is configured in the key
parameter of the server's tac_plus.conf file, for example:
key = testing123
e. (Optional) Click
again to add additional servers.
5. (Optional) Enable
Authoritative
to prevent other authentication methods from being used if
authentication fails. Other authentication methods will only be used if the
server is unavailable.
6. (Optional) For
Group attribute
, type the name of the attribute used in the server's
configuration to identify the IX10 authentication group or groups that the user is a member of.
For example, in
, the group attribute in the sample tac_plus.conf
file is
groupname
, which is also the default setting in the IX10 configuration.
7. (Optional) For
Service
, type the value of the
service
attribute in the the server's
configuration. For example, in
, the value of the
service
attribute in
the sample tac_plus.conf file is
system
, which is also the default setting in the IX10
configuration.
8. (Optional) Enable
Command authorization
, which instructs the device to communicate with
the server to determine if the user is authorized to execute a specific command. Only
the first configured server will be used for command authorization.
9. (Optional) Enable
Command accounting
, which instructs the device to communicate with the
server to log commands that the user executes. Only the first configured
server will be used for command accounting.