xStack
®
DES-3200 Series Layer 2 Managed Fast Ethernet Switch CLI Reference Guide
68
Restrictions
Only Administrator-level users can issue this command.
Example
To create a user-defined method list for promoting user's privilege to Admin level:
DES-3200-28/ME:admin#create authen_enable method_list_name enable_list_1
Command: create authen_enable method_list_name enable_list_1
Success.
DES-3200-28/ME:admin#
5-11 config authen_enable
Description
This command is used to configure a user-defined or default method list of authentication methods
for promoting user's privilege to Admin level. The sequence of methods will affect the altercation
result. For example, if the sequence is tacacs+ first, then tacacs and local_enable, when user try
to promote user's privilege to Admin level, the authentication request will be sent to the first server
host in tacacs+ built-in server group. If the first server host in tacacs+ group is missing, the
authentication request will be sent to the second server host in tacacs+ group, and so on. If all
server hosts in tacacs+ group are missing, the authentication request will be sent to the first server
host in tacacs group…If all server hosts in tacacs group are missing, the local enable password in
the device is used to authenticate this user’s password.
Format
config authen_enable [default | method_list_name <string 15>] method {tacacs | xtacacs |
tacacs+ | radius | server_group <string 15> | local _enable | none}
Parameters
default - The default method list of authentication methods.
method_list_name - The user-defined method list of authentication methods.
<string 15> Enter the method list name here. This value can be up to 15 characters long.
method - Specify the authentication method used.
tacacs - (Optional) Authentication by the built-in server group “tacacs”.
xtacacs - (Optional) Authentication by the built-in server group “xtacacs”.
tacacs+ - (Optional) Authentication by the built-in server group “tacacs+”.
radius - (Optional) Authentication by the built-in server group “radius”.
server_group - (Optional) Authentication by the user-defined server group.
<string 15> - Enter the server group name here. This value can be up to 15 characters
long.
local_enable - (Optional) Authentication by local enable password in device.
none - (Optional) No authentication.
Restrictions
Only Administrator-level users can issue this command.