Raritan Computer SX32 用户手册
76 D
OMINION
SX
I
NSTALLATION AND
O
PERATIONS
M
ANUAL
TACACS+ Server Configuration
•
The Dominion SX requires a new service to be added and two argument-value pairs to be returned by
the server. The new service is called dominionsx. The valid authorization parameters are port-list and
user-type.
the server. The new service is called dominionsx. The valid authorization parameters are port-list and
user-type.
•
port-list: Specifies the ports that the user has access to. Currently, the only valid value is a space-
separated list of port numbers. Multiple port-list parameters are allowed. All port-list values will be
combined.
separated list of port numbers. Multiple port-list parameters are allowed. All port-list values will be
combined.
•
user-type: A string representing the type of Dominion SX user. Currently: Administrator, Operator, and
Observer.
Observer.
For Dominion SX, both per port Authentication and Authorization are possible with TACACS+
Cisco Freeware Daemon:
This daemon is freely available from Cisco at:
http://cisco.com/en/US/tech/tk583/tk642/technologies_tech_note09186a00800946a3.shtml
Many other TACACS+ implementations are also based on this daemon.
No special steps are required to add the new service or parameters. Simply place them in the user database
for each user that will be accessing a Dominion SX system. Below is an example of user and group usage:
group = anyone
{
service = dominionsx {
port-list = "1 2 3 4 5"
user-type = observer
}
}
user = tanaka
{
login = cleartext "password"
member = anyone
}
user = proctor
{
login = cleartext "password"
service = dominionsx {
port-list = "1 2 3 4 5 15"
user-type = administrator
}
}