Tacacs+ external authentication service – Avocent Network Device SPC420 User Manual
Page 115
Chapter 6: Authentication Services 95
TACACS+ external authentication service
DSView 3 software supports TACACS+ external authentication. Once the TACACS+
authentication service is added, you may map TACACS+ users to the DSView 3 software database
by using the Add User Account wizard. The username added in the DSView 3 software should
match the username configured in the TACACS+ server. For more information about adding users,
see Adding User Accounts on page 231.
You may choose to associate users with internal DSView 3 software groups to control group level
access rights. Or, you may choose to map users to external TACACS+ groups and control group
level access rights using the TACACS+ service. There are two types of external TACACS+ groups
that can be used: the TACACS+ standard privilege level attribute, or a custom group name
attribute. To map users to external TACACS+ groups, use the DSView 3 software Add User Group
wizard and specify the group type. For more information, see Adding User-defined User Groups on
page 242.
To add a TACACS+ external authentication service:
1.
On the TACACS+ server that will be used as an external authentication service, add the
DSView 3 server as a TACACS+ client. Make a note of the configured shared secret and the
available authentication type(s) on the TACACS+ server.
2.
From the DSView 3 Explorer, Click the Users tab.
3.
Click Authentication Services in the top navigation bar. The User Authentication Services
window will open.
4.
Click Add. The Add Authentication Service Wizard will appear.
5.
The Provide Authentication Service Name and Type window will open.
a.
Type a 1-64 character name for the TACACS+ authentication service.
b.
Select TACACS+ from the Type menu.
c.
Click Next.
6.
The Specify TACACS+ Connection Settings window will open.
a.
Type the address of the TACACS+ host or type the DNS host name in the Server Address
field.
b.
Type the number of the port (from 1-65535) connecting to the TACACS+ host in the Port
Number field. The default port is 49.
c.
Click Next.
7.
The Establish Connection with Authentication Service window will open briefly. If the
external authentication service is contacted successfully, the Specify TACACS+
Authentication Settings window will open.
a.
Select the authentication type from the Authentication Type menu. Make sure it is one of
the available authentication types noted in step 1.
PAP - Password Authentication Protocol
CHAP - Challenge Handshake Authentication Protocol (default)