I have recently opened a TAC case on an issue I'm having with authenticating user via TACACS on the ACE 4710.
The TAC engineer is telling me that for the authentication to work I need that same user to also have an account on the proper context (Admin context in this case). For example if I get a ACS account named netadmin, I will also need to create that account on the ACE 4710 (Kind of like MARS...).
Is this true?
From the past posts I have read it seems people have gotten this to work by using the following two steps:
A. Configure ACS properly
1. Select user
2. Scroll down to tacacs+ setting
3. check "shell(exec)" option
4. check "custom attributes"
5. Add the custom AV-Pair info in the following format:
6. Save / and then stop/start ACS services
B. Configure the ACE
tacacs-server host a.b.c.d key XXXXXX
aaa group server tacacs+ TACACS
aaa authentication login default group TACACS local
aaa authentication login console none
aaa accounting default group TACACS local
aaa authentication login error-enable
Are there people out there using this successfully without the ACS accounts needing to also be on the ACE?
The unmanaged mode is also known as Network only switching, which is introduced in Brazos release. It adds the flexibility for customer to use only network automation for service appliance.
If a device is configured a...
Usually, we can access ESXi Shell by pressing Alt+F1 from ESXi DCUI (Direct Console User Interface).
But on HyperFlex system, it just shows black window.
This is expected behavior because HyperFlex redirects ESXi Shell output to SoL...
Configuring an Export Policy Using the GUI
This procedure explains how to configure an Export policy using the APIC GUI. Follow these steps to trigger a backup of your data:
On the menu bar, choose Admi...