xStack
®
DGS-3600 Series Layer 3 Gigabit Ethernet Managed Switch CLI Manual
62
DGS-3627:admin# create authen_enable method_list_name enable_list_1
Command: create authen_enable method_list_name enable_list_1
Success.
DGS-3627:admin#
config authen_enable
Purpose
This command is used to configure a user-defined or default method list of authentication
methods for promoting a user's privilege to Admin level.
Syntax
config authen_enable [default | method_list_name <string 15>] method {tacacs |
xtacacs | tacacs+ | radius | server_group <string 15> | local _enable | none}(1)
Description
Configures a user-defined or default method list of authentication methods for promoting a
user's privilege to Admin level. The sequence of methods will affect the authentication result.
For example, if the sequence is tacacs+ first, followed by tacacs and local_enable, when a
user tries to login, the authentication request will be sent to the first server host in the tacacs+
built-in server group. If the first server host in the tacacs+ group is missing, the authentication
request will be sent to the second server host in the tacacs+ group, and so on. If all server
hosts in the tacacs+ group are missing, the authentication request will be sent to the first
server host in the tacacs group. If all server hosts in the tacacs group are missing, the local
enable password in the device will be used to authenticate the user’s password. The local
enable password in the device can be configured using the “config admin local_password”
CLI command.
Parameters
default
- Specify the default method list of authentication methods.
method_list_name
- Specify the user-defined method list of authentication methods.
tacacs
- Specify authentication by the built-in server group “tacacs”.
xtacacs
- Specify authentication by the built-in server group “xtacacs”.
tacacs+
- Specify authentication by the built-in server group “tacacs+”.
radius
- Specify authentication by the built-in server group “radius”.
server_group
- Specify authentication by the user-defined server group.
local_enable
- Specify authentication by the local enable password in the device.
none
- Specify no authentication.
Restrictions
Only Administrator level users can issue this command.
Example usage:
To configure a user-defined method list called “method_list_name” that will be used to promote a user's privilege to
Admin level:
DGS-3627:admin# config authen_enable method_list_name enable_list_1 method tacacs+ tac
acs local_enable
Command: config authen_ enable method_list_name enable_list_1 method tacacs+ tacac
s local_enable
Success.
DGS-3627:admin#
delete authen_enable method_list_name
Purpose
This command is used to delete a user-defined method list of authentication methods for
promoting a user's privilege to Admin level.
Syntax
delete authen_enable method_list_name <string 15>