Configuring tacacs+ privilege levels, Setting tacacs+ account access level privileges, Displaying the tacacs+ access privilege levels – Sentry Industries PT22 User Manual

Configuring TACACS+ Privilege Levels

Setting TACACS+ account access level privileges

The Set TacPriv Access command sets the access level privileges for a TACACS+ account. The Sentry
has four defined access privilege levels; Admin, User, On-Only and View-Only. For more information
on user access levels, see Changing a user’s access privilege level: on page 17.

To set the access level privilege for a TACACS+ account :

At the Sentry: prompt, type set tacpriv access, followed by admin, user, ononly or viewonly,
optionally followed by a TACACS+ account number and press Enter.

Examples

The following command sets the TACACS+ account access level for account 14 to Admin:

Sentry: set tacpriv access admin 14<Enter>

The following command sets the TACACS+ account access level for account 5 to User:

Sentry: set tacpriv access user 5<Enter>

Granting and removing input status viewing privileges

The Set TacPriv Envmon command grants or removes input status viewing privileges to/from a
TACACS+ account.

To grant or remove input status viewing privileges for a TACACS+ account:

At the Sentry: prompt, type set tacpriv envmon, followed by on or off, optionally followed by a
TACACS+ account number and press Enter.

Example

The following command grants input status viewing privileges to the TACACS+ account 5:

Sentry: set tacpriv envmon on 5<Enter>

Displaying the TACACS+ access privilege levels

The List TacPrivs command displays all TACACS+ accounts with their access privilege levels.

To display TACACS+ account access privilege levels:

At the Sentry: prompt, type list tacprivs and press Enter.

Example

The following command displays all TACACS+ account with their access privilege level:

Sentry: list tacprivs<Enter>
TACACS Access Environmental
Account Name Level Monitoring
TACAdmin Admin Allowed
PowerUser User Allowed
User On-Only Not Allowed
Guest View-Only Not Allowed

Adding outlet access to a TACACS+ account

The Add OutletToTACACS command grants a TACACS+ account access to one or all outlets. To
grant access for more than one outlet, but not all outlets, you must use multiple Add OutletToTACACS
commands.

To grant outlet access to a TACACS+ account:

At the Sentry: prompt, type add outlettotacacs, optionally followed by an outlet name and a
TACACS+ account number. Press Enter, or

Type add outlettotacacs all, followed by a TACACS+ account number and press Enter.

Examples

The following commands grant the a TACACS+ account 5 access to outlets A1 and Webserver_1:

Sentry:add outlettotacacs .a1 5<Enter>
Sentry:add outlettotacacs WebServer_1 5<Enter>

Sentry PT22

Advanced Operations

• 65

Installation and Operations Manual