TACACS.net and Procurve setting Priviledge Level (498 Views)
Reply
Occasional Advisor
Posts: 9
Registered: ‎10-31-2012
Message 1 of 2 (498 Views)

TACACS.net and Procurve setting Priviledge Level

According to HP manuals for Procurve switches You should be able to set Privilige Level to either 1 or 15 giving you operator or manager rights for a user or Group. This is made by the command:

 

aaa authentication login privilege-mode

 

But the switch (e.g 3500 or 6600 switch) doesn´t acknowledge the setting "priv-lvl=1" setting on TACACS.net server. I am guessing the attribute name is different on Procurve but I am not able to find it.

 

Anybody who knows more on this?

 

Best Regards // Kristian Modess

Occasional Advisor
Posts: 9
Registered: ‎10-31-2012
Message 2 of 2 (494 Views)

Re: TACACS.net and Procurve setting Priviledge Level

UPDATE!

 

Apparently it partially reads the attribute "priv-lvl=1". If I login with a user set with priv-lvl=1 I end up in promt:

 

Switch>

 

This is correct, but I shouldn´t be able to enter "enable" mode with the same user, but I can.

 

If i set "priv-lvl=15" I directly end up in promt:

 

Switch#

 

 

So the only thing Procurve switches do wrong is allowing me to login to "enable" mode, even though I´ve set priviledge mode to 1.

 

//Kristian

The opinions expressed above are the personal opinions of the authors, not of HP. By using this site, you accept the Terms of Use and Rules of Participation.