Cisco Support Community
cancel
Showing results for 
Search instead for 
Did you mean: 
New Member

UCS AAA setup

Well, I've been working on this off and on for a few months (yikes) now, and we are still using local authentication for UCS rather than tacacs. I am attaching a few screenshots of how things are set up that I believe encomasses everything, but am more than willing to provide more info if needed. The pics are - how the UCS looks, how AAA looks for the UCS, how the one user (me) I'm testing looks. I essentially did my best to follow the instructions in

http://www.cisco.com/en/US/docs/unified_computing/ucs/sw/gui/config/guide/1.4/UCSM_GUI_Configuration_Guide_1_4_chapter7.pdf

but to no avail. Essentially, I believe that the UCS isn't even trying to contact the ACS server. I tested that by trying (unsuccessfully) to log in to UCS 10 times, and it not locking my tacacs account. Any help greatly appreciated, and more information requested will be provided.

Thanks

Everyone's tags (2)
4 REPLIES
New Member

UCS AAA setup

Russell -

Can you confirm that you can ping the ACS server from the UCS FI CLI?  Does the admin aaa role exist on the UCS?

Jen

Cisco Employee

UCS AAA setup

Russell,

Additionally, you can verify the user and tacacs from the NX-OS CLI with the following:

UCS-250-A(nxos)# test aaa server tacacs+ 10.10.10.10 myuser mypass

Thanks,

Michael

New Member

UCS AAA setup

Jen,

  I can ping from local-mgmt. There is an admin role and a aaa role on the UCS.

Michael,

  that command, when substituted for my values, gives me an error authenticating to server.

Cisco Employee

UCS AAA setup

Hi Russell,

If it returns an error authenticating, sounds like there is a problem with the user/pass combination. Can you verify that they are correct?

Additionally, looking at the screenshots, you should select the "Shell(exec)" for the aaa-user on your ACS.

Setup TACACS Authentication for Cisco UCS

Let me know how you go.

Thanks,

Michael

1887
Views
0
Helpful
4
Replies
CreatePlease to create content