Group authorization on tacacs – Cyclades User's Guide User Manual

Configuration

220

AlterPath KVM/net Installation, Administration, and User’s Guide

have administrative access, and users with regular user privileges have
regular user access.

4. To specify a time out period in seconds for each authentication attempt,

type a number in the “Timeout” field.

If the authentication server does not respond to the client’s login attempt
before the specified time period, the login attempt is cancelled. The user
may retry depending on the number specified in the “Retries” field on this
form.

5. To specify a number of times the user can request authentication

verification from the server before sending an authentication failure
message to the user, enter a number in the “Retries” field.

6. Click “apply changes.”

7. The changes are stored in /etc/tacplus.conf on the KVM/net.

Group Authorization on TACACS+

Selecting Configuration>Security>Authentication>Tacacs+ in Expert mode
brings up the TACACS+ form where an administrators can enable group
authorization checking.

By enabling the “Enable Raccess Authorization” check box, an additional
level of security checking is implemented. After each user/group is
successfully authenticated through the standard login procedure, the KVM/net
uses TACACS+ server to authorize whether or not each user/group is allowed
access to the connected devices.

By default the “Enable Raccess Authorization” is disabled allowing all users
full authorization. When this feature is enabled by placing a check mark in the
box, users are denied access unless they have the proper authorization, which
must be set on the TACACS+ authentication server itself.