OS10 Enterprise Edition User Guide Release 10.4.1.0

PDF

TACACS+ unknown or missing user role

When a TACACS+ server authenticates a user and does not return a role or returns an unknown role, OS10 assigns the netoperator role to the authenticated user by default. You can reconfigure the default netoperator role.

  • Enter an OS10 user role in CONFIGURATION mode.
    userrole default inherit 
                                        existing-role-name
                                     
    • existing-role-name — Enter a user role:
      • sysadmin — Full access to all commands in the system, exclusive access to commands that manipulate the file system, and access to the system shell. A system administrator can create user IDs and user roles.
      • secadmin — Full access to configuration commands that set security policy and system access, such as password strength, AAA authorization, and cryptographic keys. A security administrator can display security information, such as cryptographic keys, login statistics, and log information.
      • netadmin — Full access to configuration commands that manage traffic flowing through the switch, such as routes, interfaces, and ACLs. A network administrator cannot access configuration commands for security features or view security information.
      • netoperator — Access to EXEC mode to view the current configuration. A network operator cannot modify any configuration setting on a switch.

Reconfigure the default user role

OS10(config)# userrole default inherit sysadmin

Rate this content

Accurate
Useful
Easy to understand
Was this article helpful?
0/3000 characters
  Please provide ratings (1-5 stars).
  Please provide ratings (1-5 stars).
  Please provide ratings (1-5 stars).
  Please select whether the article was helpful or not.
  Comments cannot contain these special characters: <>()\