Support User Manuals

Cisco Systems OL-25712-04 Security Camera User Manual

Open as PDF

of 768

What to Do Next

Create an TACACS+ provider.

Creating a TACACS+ Provider

Cisco UCS Manager supports a maximum of 16 TACACS+ providers.

Before You Begin

Perform the following configuration in the TACACS+ server:

• Create the cisco-av-pair attribute. You cannot use an existing TACACS+ attribute.

The cisco-av-pair name is the string that provides the attribute ID for the TACACS+ provider.

The following syntax example shows how to specify multiples user roles and locales when you create

the cisco-av-pair attribute: cisco-av-pair=shell:roles="admin aaa" shell:locales*"L1 abc".

Using an asterisk (*) in the cisco-av-pair attribute syntax flags the locale as optional, preventing

authentication failures for other Cisco devices that use the same authorization profile. Use a space as

the delimiter to separate multiple values.

• For a cluster configuration, add the management port IP addresses for both fabric interconnects. This

configuration ensures that remote users can continue to log in if the first fabric interconnect fails and

the system fails over to the second fabric interconnect. All login requests are sourced from these IP

addresses, not the virtual IP address used by Cisco UCS Manager.

Procedure

Step 1

In the Navigation pane, click the Admin tab.

Step 2

On the Admin tab, expand All > User Management > TACACS+.

Step 3

In the Actions area of the General tab, click Create TACACS+ Provider.

Step 4

In the Create TACACS+ Provider dialog box:

a) Complete the fields with the information about the TACACS+ service you want to use.

DescriptionName

The hostname or IP address on which the TACAS+ provider resides.

If you use a hostname rather than an IP address, you must

configure a DNS server in Cisco UCS Manager.

Note

Hostname field

The order in which Cisco UCS uses this provider to authenticate

users.

Enter an integer between 1 and 16, or enter lowest-available or 0

(zero) if you want Cisco UCS to assign the next available order based

on the other providers defined in this Cisco UCS domain.

Order field

The SSL encryption key for the database.Key field

The SSL encryption key repeated for confirmation purposes.Confirm Key field

Cisco UCS Manager GUI Configuration Guide, Release 2.0

OL-25712-04 145

Configuring TACACS+ Providers

previous next