D-Link 3324SRi Reference Manual - Page 176

config authen_enable, DGS-3324SRi:4#create authen_enable method_list_name Permit - default password

Get D-Link 3324SRi - Switch - Stackable PDF manuals and user guides
UPC - 790069256042
View all D-Link 3324SRi manuals
Add to My Manuals
Save this manual to your list of manuals

Page 176 highlights

Example usage: xStack Gigabit Layer 3 Switch Command Line Interface Manual To create a user-defined method list, named "Permit" for promoting user privileges to Administrator privileges: DGS-3324SRi:4#create authen_enable method_list_name Permit Command: show authen_login method_list_name Permit Success. DGS-3324SRi:4# config authen_enable Purpose Syntax Description Parameters Used to configure a user-defined method list of authentication methods for promoting normal user level privileges to Administrator level privileges on the Switch. config authen_enable [default | method_list_name ] method {tacacs | xtacacs | tacacs+ | radius | server_group | local_enable | none} This command is used to promote users with normal level privileges to Administrator level privileges using authentication methods on the Switch. Once a user acquires normal user level privileges on the Switch, he or she must be authenticated by a method on the Switch to gain administrator privileges on the Switch, which is defined by the Administrator. A maximum of eight (8) method lists can be implemented on the Switch. The sequence of methods implemented in this command will affect the authentication result. For example, if a user enters a sequence of methods like tacacs - xtacacs - local_enable, the Switch will send an authentication request to the first tacacs host in the server group. If no verification is found, the Switch will send an authentication request to the second tacacs host in the server group and so on, until the list is exhausted. At that point, the Switch will restart the same sequence with the following protocol listed, xtacacs. If no authentication takes place using the xtacacs list, the local_enable password set in the Switch is used to authenticate the user. Successful authentication using any of these methods will give the user a "Admin" privilege. default - The default method list for administration rights authentication, as defined by the user. The user may choose one or a combination of up to four (4) of the following authentication methods: tacacs - Adding this parameter will require the user to be authenticated using the TACACS protocol from the remote TACACS server hosts of the TACACS server group list. xtacacs - Adding this parameter will require the user to be authenticated using the XTACACS protocol from the remote XTACACS server hosts of the XTACACS server group list. tacacs+ - Adding this parameter will require the user to be authenticated using the TACACS+ protocol from the remote TACACS+ server hosts of the TACACS+ server group list. radius - Adding this parameter will require the user to be 168

  • 1
  • 2
  • 3
  • 4
  • 5
  • 6
  • 7
  • 8
  • 9
  • 10
  • 11
  • 12
  • 13
  • 14
  • 15
  • 16
  • 17
  • 18
  • 19
  • 20
  • 21
  • 22
  • 23
  • 24
  • 25
  • 26
  • 27
  • 28
  • 29
  • 30
  • 31
  • 32
  • 33
  • 34
  • 35
  • 36
  • 37
  • 38
  • 39
  • 40
  • 41
  • 42
  • 43
  • 44
  • 45
  • 46
  • 47
  • 48
  • 49
  • 50
  • 51
  • 52
  • 53
  • 54
  • 55
  • 56
  • 57
  • 58
  • 59
  • 60
  • 61
  • 62
  • 63
  • 64
  • 65
  • 66
  • 67
  • 68
  • 69
  • 70
  • 71
  • 72
  • 73
  • 74
  • 75
  • 76
  • 77
  • 78
  • 79
  • 80
  • 81
  • 82
  • 83
  • 84
  • 85
  • 86
  • 87
  • 88
  • 89
  • 90
  • 91
  • 92
  • 93
  • 94
  • 95
  • 96
  • 97
  • 98
  • 99
  • 100
  • 101
  • 102
  • 103
  • 104
  • 105
  • 106
  • 107
  • 108
  • 109
  • 110
  • 111
  • 112
  • 113
  • 114
  • 115
  • 116
  • 117
  • 118
  • 119
  • 120
  • 121
  • 122
  • 123
  • 124
  • 125
  • 126
  • 127
  • 128
  • 129
  • 130
  • 131
  • 132
  • 133
  • 134
  • 135
  • 136
  • 137
  • 138
  • 139
  • 140
  • 141
  • 142
  • 143
  • 144
  • 145
  • 146
  • 147
  • 148
  • 149
  • 150
  • 151
  • 152
  • 153
  • 154
  • 155
  • 156
  • 157
  • 158
  • 159
  • 160
  • 161
  • 162
  • 163
  • 164
  • 165
  • 166
  • 167
  • 168
  • 169
  • 170
  • 171
  • 172
  • 173
  • 174
  • 175
  • 176
  • 177
  • 178
  • 179
  • 180
  • 181
  • 182
  • 183
  • 184
  • 185
  • 186
  • 187
  • 188
  • 189
  • 190
  • 191
  • 192
  • 193
  • 194
  • 195
  • 196
  • 197
  • 198
  • 199
  • 200
  • 201
  • 202
  • 203
  • 204
  • 205
  • 206
  • 207
  • 208
  • 209
  • 210
  • 211
  • 212
  • 213
  • 214
  • 215
  • 216
  • 217
  • 218
  • 219
  • 220
  • 221
  • 222
  • 223
  • 224
  • 225
  • 226
  • 227
  • 228
  • 229
  • 230
  • 231
  • 232
  • 233
  • 234
  • 235
  • 236
  • 237
  • 238
  • 239
  • 240
  • 241
  • 242
  • 243
  • 244
  • 245
  • 246
  • 247
  • 248
  • 249
  • 250
  • 251
  • 252
  • 253
  • 254
  • 255
  • 256
  • 257
  • 258
  • 259
  • 260
  • 261
  • 262
  • 263
  • 264
  • 265
  • 266
  • 267
  • 268
  • 269
  • 270
  • 271
  • 272
  • 273
  • 274
  • 275
  • 276
  • 277
  • 278
  • 279
  • 280
  • 281
  • 282
  • 283
  • 284
  • 285
  • 286
  • 287
  • 288
  • 289
  • 290
  • 291
  • 292
  • 293
  • 294
  • 295
  • 296
  • 297
  • 298
  • 299
  • 300
  • 301
  • 302
  • 303
  • 304
  • 305
  • 306
  • 307
  • 308
  • 309
  • 310
  • 311
  • 312
  • 313
  • 314
  • 315
  • 316
  • 317
  • 318
  • 319
  • 320
  • 321
  • 322
  • 323
  • 324
  • 325
  • 326
  • 327
  • 328
  • 329
  • 330
  • 331
  • 332
  • 333
  • 334
  • 335
  • 336
  • 337
  • 338
  • 339
  • 340
  • 341
  • 342
  • 343
  • 344
  • 345
  • 346
  • 347
  • 348
  • 349
  • 350
  • 351
  • 352
  • 353
  • 354
  • 355
  • 356
  • 357
xStack Gigabit Layer 3 Switch Command Line Interface Manual
Example usage:
To create a user-defined method list, named “Permit” for promoting user privileges to Administrator privileges:
Command: show authen_login method_list_name Permit
DGS-3324SRi:4#create authen_enable method_list_name Permit
Success.
DGS-3324SRi:4#
config authen_enable
Used to configure a user-defined method list of authentication
methods for promoting normal user level privileges to Administrator
level privileges on the Switch.
config authen_enable [default | method_list_name <string 15>]
method {tacacs | xtacacs | tacacs+ | radius | server_group
<string 15> | local_enable | none}
This command is used to promote users with normal level privileges
to Administrator level privileges using authentication methods on the
Switch. Once a user acquires normal user level privileges on the
Switch, he or she must be authenticated by a method on the Switch
to gain administrator privileges on the Switch, which is defined by
the Administrator. A maximum of eight (8) method lists can be
implemented on the Switch.
The sequence of methods implemented in this command will affect
the authentication result. For example, if a user enters a sequence of
methods like
tacacs – xtacacs – local_enable,
the Switch will send
an authentication request to the first
tacacs
host in the server group.
If no verification is found, the Switch will send an authentication
request to the second
tacacs
host in the server group and so on,
until the list is exhausted. At that point, the Switch will restart the
same sequence with the following protocol listed,
xtacacs
. If no
authentication takes place using the
xtacacs
list, the
local_enable
password set in the Switch is used to authenticate the user.
Purpose
Syntax
Description
Successful authentication using any of these methods will give the
user a “Admin” privilege.
Parameters
default
– The default method list for administration rights
authentication, as defined by the user. The user may choose one or
a combination of up to four (4) of the following authentication
methods:
±
tacacs
– Adding this parameter will require the user to be
authenticated using the TACACS protocol from the remote
TACACS
server hosts
of the TACACS
server group
list.
±
xtacacs
– Adding this parameter will require the user to be
authenticated using the XTACACS protocol from the remote
XTACACS
server hosts
of the XTACACS
server group
list.
±
tacacs+
– Adding this parameter will require the user to be
authenticated using the TACACS+ protocol from the remote
TACACS+
server hosts
of the TACACS+
server group
list.
±
radius
- Adding this parameter will require the user to be
168