Test tacacs+ authentication, Role authentication order screen – HP 1.10GB Virtual Connect Ethernet Module for c-Class BladeSystem User Manual

Virtual Connect users and roles 72

# End config file

The server logs can be accessed on the TACACS+ server at /var/log/tac_plus.log. The accounting

log is available under /var/log/tac_plus.acct, which records all command logging requests.

Test TACACS+ authentication

Users with domain privileges can test their TACACS+ configuration before making the configuration active.
To test a TACACS+ configuration:

1.

Access the TACACS+ Settings screen (on page

69

).

2.

Enter the TACACS+ configuration information.

3.

Click Test. The TACACS Configuration Test screen appears.

4.

Enter a valid user name and password.

5.

Click Test.

The status window displays any problems encountered during the test. When testing is complete, click Close.

Role Authentication Order screen

Use this screen to specify the authentication services to be used during log in and set the order in which each

authentication method is queried for each role. Role authentication order is followed for role-prefixed logins

only, such as "domain:user1". In the case of an authentication service-prefixed login, such as "radius:user1"

or a default login without a prefix, such as "user1", the login succeeds if credentials are correct and the
authentication service is enabled. This is regardless of what role authentication orders are defined.
By default, VCM queries the authentication services for each role in the following order:

•

Domain: local > ldap > radius > tacacs