Skip to content
Was this article helpful?

authentication tacacsAction

The following operations can be performed on "authentication tacacsAction":

add | rm | set | unset | show

add authentication tacacsAction

Creates an action (profile) for a TACACS+ server. The profile contains all configuration data necessary to communicate with that TACACS+ server.

Synopsys

add authentication tacacsAction <name> [-serverIP <ip_addr|ipv6_addr|*>] [-serverPort <port>] [-authTimeout <positive_integer>] {-tacacsSecret } [-authorization ( ON | OFF )] [-accounting ( ON | OFF )] [-auditFailedCmds ( ON | OFF )] [-groupAttrName <string>] [-defaultAuthenticationGroup <string>] [-Attribute1 <string>] [-Attribute2 <string>] [-Attribute3 <string>] [-Attribute4 <string>] [-Attribute5 <string>] [-Attribute6 <string>] [-Attribute7 <string>] [-Attribute8 <string>] [-Attribute9 <string>] [-Attribute10 <string>] [-Attribute11 <string>] [-Attribute12 <string>] [-Attribute13 <string>] [-Attribute14 <string>] [-Attribute15 <string>] [-Attribute16 <string>]

Arguments

name

Name for the TACACS+ profile (action).

Must begin with a letter, number, or the underscore character (_), and must contain only letters, numbers, and the hyphen (-), period (.) pound (#), space ( ), at (@), equals (=), colon (:), and underscore characters. Cannot be changed after TACACS profile is created.

The following requirement applies only to the NetScaler CLI:

If the name includes one or more spaces, enclose the name in double or single quotation marks (for example, "my authentication action" or 'y authentication action').

serverIP

IP address assigned to the TACACS+ server.

serverPort

Port number on which the TACACS+ server listens for connections.

Default value: 49

Minimum value: 1

authTimeout

Number of seconds the NetScaler appliance waits for a response from the TACACS+ server.

Default value: 3

Minimum value: 1

tacacsSecret

Key shared between the TACACS+ server and the NetScaler appliance.

Required for allowing the NetScaler appliance to communicate with the TACACS+ server.

authorization

Use streaming authorization on the TACACS+ server.

Possible values: ON, OFF

accounting

Whether the TACACS+ server is currently accepting accounting messages.

Possible values: ON, OFF

auditFailedCmds

The state of the TACACS+ server that will receive accounting messages.

Possible values: ON, OFF

groupAttrName

TACACS+ group attribute name.

Used for group extraction on the TACACS+ server.

defaultAuthenticationGroup

This is the default group that is chosen when the authentication succeeds in addition to extracted groups.

Attribute1

Name of the custom attribute to be extracted from server and stored at index '1' (where '1' changes for each attribute)

Attribute2

Name of the custom attribute to be extracted from server and stored at index '2' (where '2' changes for each attribute)

Attribute3

Name of the custom attribute to be extracted from server and stored at index '3' (where '3' changes for each attribute)

Attribute4

Name of the custom attribute to be extracted from server and stored at index '4' (where '4' changes for each attribute)

Attribute5

Name of the custom attribute to be extracted from server and stored at index '5' (where '5' changes for each attribute)

Attribute6

Name of the custom attribute to be extracted from server and stored at index '6' (where '6' changes for each attribute)

Attribute7

Name of the custom attribute to be extracted from server and stored at index '7' (where '7' changes for each attribute)

Attribute8

Name of the custom attribute to be extracted from server and stored at index '8' (where '8' changes for each attribute)

Attribute9

Name of the custom attribute to be extracted from server and stored at index '9' (where '9' changes for each attribute)

Attribute10

Name of the custom attribute to be extracted from server and stored at index '10' (where '10' changes for each attribute)

Attribute11

Name of the custom attribute to be extracted from server and stored at index '11' (where '11' changes for each attribute)

Attribute12

Name of the custom attribute to be extracted from server and stored at index '12' (where '12' changes for each attribute)

Attribute13

Name of the custom attribute to be extracted from server and stored at index '13' (where '13' changes for each attribute)

Attribute14

Name of the custom attribute to be extracted from server and stored at index '14' (where '14' changes for each attribute)

Attribute15

Name of the custom attribute to be extracted from server and stored at index '15' (where '15' changes for each attribute)

Attribute16

Name of the custom attribute to be extracted from server and stored at index '16' (where '16' changes for each attribute)

rm authentication tacacsAction

Removes a TACACS+ profile (action). A profile cannot be removed as long as it is bound to a policy.

Synopsys

rm authentication tacacsAction <name>

Arguments

name

Name of the profile to be removed.

set authentication tacacsAction

Modifies a TACACS+ server profile (action).

Synopsys

set authentication tacacsAction <name> [-serverIP <ip_addr|ipv6_addr|*>] [-serverPort <port>] [-authTimeout <positive_integer>] {-tacacsSecret } [-authorization ( ON | OFF )] [-accounting ( ON | OFF )] [-auditFailedCmds ( ON | OFF )] [-groupAttrName <string>] [-defaultAuthenticationGroup <string>] [-Attribute1 <string>] [-Attribute2 <string>] [-Attribute3 <string>] [-Attribute4 <string>] [-Attribute5 <string>] [-Attribute6 <string>] [-Attribute7 <string>] [-Attribute8 <string>] [-Attribute9 <string>] [-Attribute10 <string>] [-Attribute11 <string>] [-Attribute12 <string>] [-Attribute13 <string>] [-Attribute14 <string>] [-Attribute15 <string>] [-Attribute16 <string>]

Arguments

name

Name of the TACACS+ profile to modify.

serverIP

IP address assigned to the TACACS+ server.

serverPort

Port number on which the TACACS+ server listens for connections.

Default value: 49

Minimum value: 1

authTimeout

Number of seconds the NetScaler appliance waits for a response from the TACACS+ server.

Default value: 3

Minimum value: 1

tacacsSecret

Key shared between the TACACS+ server and the NetScaler appliance.

Required for allowing the NetScaler appliance to communicate with the TACACS+ server.

authorization

Use streaming authorization on the TACACS+ server.

Possible values: ON, OFF

accounting

Whether the TACACS+ server is currently accepting accounting messages.

Possible values: ON, OFF

auditFailedCmds

The state of the TACACS+ server that will receive accounting messages.

Possible values: ON, OFF

groupAttrName

TACACS+ group attribute name.

Used for group extraction on the TACACS+ server.

defaultAuthenticationGroup

This is the default group that is chosen when the authentication succeeds in addition to extracted groups.

Attribute1

Name of the custom attribute to be extracted from server and stored at index '1' (where '1' changes for each attribute)

Attribute2

Name of the custom attribute to be extracted from server and stored at index '2' (where '2' changes for each attribute)

Attribute3

Name of the custom attribute to be extracted from server and stored at index '3' (where '3' changes for each attribute)

Attribute4

Name of the custom attribute to be extracted from server and stored at index '4' (where '4' changes for each attribute)

Attribute5

Name of the custom attribute to be extracted from server and stored at index '5' (where '5' changes for each attribute)

Attribute6

Name of the custom attribute to be extracted from server and stored at index '6' (where '6' changes for each attribute)

Attribute7

Name of the custom attribute to be extracted from server and stored at index '7' (where '7' changes for each attribute)

Attribute8

Name of the custom attribute to be extracted from server and stored at index '8' (where '8' changes for each attribute)

Attribute9

Name of the custom attribute to be extracted from server and stored at index '9' (where '9' changes for each attribute)

Attribute10

Name of the custom attribute to be extracted from server and stored at index '10' (where '10' changes for each attribute)

Attribute11

Name of the custom attribute to be extracted from server and stored at index '11' (where '11' changes for each attribute)

Attribute12

Name of the custom attribute to be extracted from server and stored at index '12' (where '12' changes for each attribute)

Attribute13

Name of the custom attribute to be extracted from server and stored at index '13' (where '13' changes for each attribute)

Attribute14

Name of the custom attribute to be extracted from server and stored at index '14' (where '14' changes for each attribute)

Attribute15

Name of the custom attribute to be extracted from server and stored at index '15' (where '15' changes for each attribute)

Attribute16

Name of the custom attribute to be extracted from server and stored at index '16' (where '16' changes for each attribute)

unset authentication tacacsAction

Use this command to remove authentication tacacsAction settings.Refer to the set authentication tacacsAction command for meanings of the arguments.

Synopsys

unset authentication tacacsAction <name> [-serverIP] [-serverPort] [-authTimeout] [-tacacsSecret] [-authorization] [-accounting] [-auditFailedCmds] [-groupAttrName] [-defaultAuthenticationGroup] [-Attribute1] [-Attribute2] [-Attribute3] [-Attribute4] [-Attribute5] [-Attribute6] [-Attribute7] [-Attribute8] [-Attribute9] [-Attribute10] [-Attribute11] [-Attribute12] [-Attribute13] [-Attribute14] [-Attribute15] [-Attribute16]

show authentication tacacsAction

Displays the current configuration settings for the specified TACACS+ profile (action).

Synopsys

show authentication tacacsAction [<name>]

Arguments

name

Name of the TACACS+ profile.

Outputs

serverIP

IP address assigned to the TACACS+ server.

serverPort

Port number on which the TACACS+ server listens for connections.

authTimeout

Number of seconds the NetScaler appliance waits for a response from the TACACS+ server.

tacacsSecret

Key shared between the TACACS+ server and the NetScaler appliance.

Required for allowing the NetScaler appliance to communicate with the TACACS+ server.

authorization

Use streaming authorization on the TACACS+ server.

accounting

Whether the TACACS+ server is currently accepting accounting messages.

auditFailedCmds

The state of the TACACS+ server that will receive accounting messages.

groupAttrName

TACACS+ group attribute name.

Used for group extraction on the TACACS+ server.

Success

Failure

defaultAuthenticationGroup

This is the default group that is chosen when the authentication succeeds in addition to extracted groups.

stateflag

Attribute1

Name of the custom attribute to be extracted from server and stored at index '1' (where '1' changes for each attribute)

Attribute2

Name of the custom attribute to be extracted from server and stored at index '2' (where '2' changes for each attribute)

Attribute3

Name of the custom attribute to be extracted from server and stored at index '3' (where '3' changes for each attribute)

Attribute4

Name of the custom attribute to be extracted from server and stored at index '4' (where '4' changes for each attribute)

Attribute5

Name of the custom attribute to be extracted from server and stored at index '5' (where '5' changes for each attribute)

Attribute6

Name of the custom attribute to be extracted from server and stored at index '6' (where '6' changes for each attribute)

Attribute7

Name of the custom attribute to be extracted from server and stored at index '7' (where '7' changes for each attribute)

Attribute8

Name of the custom attribute to be extracted from server and stored at index '8' (where '8' changes for each attribute)

Attribute9

Name of the custom attribute to be extracted from server and stored at index '9' (where '9' changes for each attribute)

Attribute10

Name of the custom attribute to be extracted from server and stored at index '10' (where '10' changes for each attribute)

Attribute11

Name of the custom attribute to be extracted from server and stored at index '11' (where '11' changes for each attribute)

Attribute12

Name of the custom attribute to be extracted from server and stored at index '12' (where '12' changes for each attribute)

Attribute13

Name of the custom attribute to be extracted from server and stored at index '13' (where '13' changes for each attribute)

Attribute14

Name of the custom attribute to be extracted from server and stored at index '14' (where '14' changes for each attribute)

Attribute15

Name of the custom attribute to be extracted from server and stored at index '15' (where '15' changes for each attribute)

Attribute16

Name of the custom attribute to be extracted from server and stored at index '16' (where '16' changes for each attribute)

devno

count

Was this article helpful?