AAA Methods
aaa accounting changes default {<time-frame> | stop-only} tacacs+
Enables logging of system changes to a AAA accounting server.
Syntax Description
stop-only
Sends a stop accounting notice at the end of requested user process
Default
N/A
Configuration Mode
config
History
1.5
Example
Related Commands
show aaa
Notes
aaa authentication login default <auth method> [<auth method> [<auth method> [<auth method> [<auth method>]]]]
Sets a sequence of authentication methods. Up to four methods can be configured.
Syntax Description
auth-method
Possible values:
Default
N/A
Configuration Mode
config
History
1.5
Example
Related Commands
show aaa
Notes
The order in which the methods are specified is the order in which the authentication is attempted. It is required that "local" is one of the methods selected. It is recommended that "local" be listed first to avoid potential problems logging in to local accounts in the face of network or remote server issues.
aaa authorization map [default-user <username> | order <policy>]
Sets the mapping permissions of a user in case a remote authentication is done.
Syntax Description
username
Specifies what local account the authenticated user will be logged on as when a user is authenticated (via RADIUS or TACACS+) and does not have a local account. If the username is local, this mapping is ignored.
policy
Sets the user mapping behavior when authenticating users via RADIUS or TACACS+ to one of three choices. The order determines how the remote user mapping behaves. If the authenticated username is valid locally, no mapping is performed. The setting has the following three possible behaviors:
Default
Default user: admin
Configuration Mode
config
History
1.5
Example
Related Commands
show aaa
Notes
If, for example, the user is locally defined to have admin permission, but in a remote server such as RADIUS the user is authenticated as monitor and the order is remote-first, then the user will be given monitor permissions.
show aaa
Displays the AAA configuration.
Syntax Description
N/A
Default
N/A
Configuration Mode
Any configuration mode
History
1.5
Example
Related Commands
aaa accounting
Notes