Heikki, I sent attached email to [email protected], but I did not get this email from [RADIATOR] mailman group. I send email to you directly in case I did not send email properly to Support.
Thank you. Dennis Qiu Information Systems Davis Polk & Wardwell LLP 450 Lexington Avenue New York, NY 10017 212 450 5651 tel [email protected] ________________________________________________________________________________ Confidentiality Note: This email is intended only for the person or entity to which it is addressed and may contain information that is privileged, confidential or otherwise protected from disclosure. Unauthorized use, dissemination, distribution or copying of this email or the information herein or taking any action in reliance on the contents of this email or the information herein, by anyone other than the intended recipient, or an employee or agent responsible for delivering the message to the intended recipient, is strictly prohibited. If you have received this email in error, please notify the sender immediately and destroy the original message, any attachments thereto and all copies. Please refer to the firm's privacy policy located at www.davispolk.com for important information on this policy.
--- Begin Message ---Support, We have Cisco devices using NX-OS. We would like to use roles. I configure the roles based on demo configuration file. See following: <ServerTACACSPLUS > AddToRequest NAS-Identifier=TACACS AuthorizationTimeout 3600 AuthorizeGroup netadmin permit service=shell {shell:roles*"network-admin vdc-admin"} AuthorizeGroup netadmin deny .* AuthorizeGroup users permit service=shell {shell:roles*"network-operator vdc-operator"} AuthorizeGroup users deny .* AuthorizeGroup netadmin permit service=shell cmd\* {priv-lvl=15} AuthorizeGroup netadmin permit .* AuthorizeGroup users permit service=shell cmd\* {priv-lvl=1} AuthorizeGroup users permit .* AuthorizeGroup guest permit service=shell cmd\* {priv-lvl=0} AuthorizeGroup DEFAULT deny .* BindAddress 144.211.2.97 GroupCacheFile %L/radiator-tacacs-usergroup.cache GroupMemberAttr tacacsgroup IdleTimeout 3600 MaxBufferSize 100000 PasswordPrompt Password: Port 49 SingleSession 1 UsernamePrompt Username: <Log FILE> Filename %L/tacacs.log Trace 6 </Log> </ServerTACACSPLUS> I also attach our radius.cfg file. My question is how to define roles in radius.cfg. The roles I need are: Network-admin, vdc-admin, network-operator and vdc-operator. Thank you Dennis Qiu Information Systems Davis Polk & Wardwell LLP 450 Lexington Avenue New York, NY 10017 212 450 5651 tel [email protected]<mailto:[email protected]> _____ Confidentiality Note: This email is intended only for the person or entity to which it is addressed and may contain information that is privileged, confidential or otherwise protected from disclosure. Unauthorized use, dissemination, distribution or copying of this email or the information herein or taking any action in reliance on the contents of this email or the information herein, by anyone other than the intended recipient, or an employee or agent responsible for delivering the message to the intended recipient, is strictly prohibited. If you have received this email in error, please notify the sender immediately and destroy the original message, any attachments thereto and all copies. Please refer to the firm's privacy policy<http://www.davispolk.com/files/uploads/davispolk.master.privacypolicy.sep10.pdf> located at www.davispolk.com<http://www.davispolk.com> for important information on this policy.
--- End Message ---
_______________________________________________ radiator mailing list [email protected] http://www.open.com.au/mailman/listinfo/radiator
