Phone Lines icon GFI Support Home Start a conversation Sign in
Start a conversation
  1. Exinda
  2. Exinda - Administration
  3. Articles

Read Only access for TACACS users

Overview

Your Exinda is integrated with TACACS, and you wish to provide some users with Read Only access to Exinda, and not full access.

This article provides steps for how you can give Read Only access to some TACACS users, by differentiating the admin and monitor users.

Solution

In order to differentiate an admin from a monitor account, the user on the TACACS server should have an attribute: "local-user-name" set in the TMS service.

For example, if you have two users, one is an admin (username: t-admin), and the other is a monitor user(username: t-monitor), this is how the users would look like on the TACACS server with the service and attributes:

user = t-admin {
    pap = cleartext "exinda"
    login = des rRe76nTnERlXg
    service = tms-exec {
        "local-user-name" = "admin"
    }
}
user = t-monitor {
    pap = cleartext "exinda"
    login = des rRe76nTnERlXg
    service = tms-exec {
        "local-user-name" = "monitor"
    }
}

Please approach your TACACS admin to define these attributes for users, since it requires TACACS server admin expertise.

Related article 

RADIUS / TACACS attributes for user privileges

 

Choose files or drag and drop files
Was this article helpful?
Yes
No

  1. Priyanka Bhotika

  2. Posted
  3. Updated

Comments