重庆分公司,新征程启航
为企业提供网站建设、域名注册、服务器等服务
添加用户到用户组
在普兰等地区,都构建了全面的区域性战略布局,加强发展的系统性、市场前瞻性、产品创新能力,以专注、极致的服务理念,为客户提供成都做网站、网站设计 网站设计制作按需制作,公司网站建设,企业网站建设,品牌网站建设,营销型网站建设,外贸网站建设,普兰网站建设费用合理。
id = tac_plus {
access log = /var/log/tac_plus/access/%Y%m%d.log
authentication log = /var/log/tac_plus/authen/%Y%m%d.log
authorization log = /var/log/tac_plus/author/%Y%m%d.log
accounting log = /var/log/tac_plus/acct/%Y%m%d.log
mavis module = external {
setenv LDAP_SERVER_TYPE = "microsoft"
setenv LDAP_HOSTS = "ldap://ipa.test.org:389"
setenv LDAP_SCOPE = "sub"
setenv LDAP_BASE = "cn=users,cn=accounts,dc=test,dc=org"
setenv LDAP_FILTER= "(uid=%s)"
setenv REQUIRE_TACACS_GROUP_PREFIX = 1
setenv FLAG_USE_MEMBEROF = 1
exec = /usr/local/lib/mavis/mavis_tacplus_ldap.pl
}
login backend = mavis
user backend = mavis
pap backend = mavis
skip missing groups = yes
cache timeout = 21600
host = world {
address = ::/0
prompt = "Welcome\n"
enable 15 = clear secret
key = XXXX (与交换机key一致)
}
group = admin {
default service = permit
service = shell {
default command = permit
default attribute = permit
set priv-lvl = 15
}
}
group = guest {
default service = deny
enable = deny
service = shell {
default command = deny
default attribute = permit
set priv-lvl = 1
cmd = display {
deny diagnostic-information
permit .*
}
cmd = ping { permit .* }
}
}
}
tacacs服务管理:
systemctl enable tac_plus
systemctl restart tac_plus
systemctl status tac_plus
tacacs日志管理:
access log = /var/log/tac_plus/access/%Y%m%d.log
authentication log = /var/log/tac_plus/authen/%Y%m%d.log
authorization log = /var/log/tac_plus/author/%Y%m%d.log
accounting log = /var/log/tac_plus/acct/%Y%m%d.log