AAA Configuration

aaa configuration aaa configuration show aaa show aaa \[command] show aaa \[purpose] view the authentication, authorization and billing settings configured in the network node \[view] system view \[use cases] sonic# show aaa aaa accounting command local (default) aaa authentication login local (default) aaa authentication failthrough false (default) aaa authorization command local (default) show tacacs status show tacacs status \[command] show tacacs status \[purpose] display the tacacs server status \[view] system view \[use cases] sonic# show tacacs status server ip status \ 192 168 0 78 online aaa accounting command aaa accounting command \[command] aaa accounting command {tacacs+|local|default} \[purpose] configure aaa billing method \[parameter] parameter description tacacs+ command billing with tacacs+ local local billing default reset back to default values, local billing \[view] system configuration view \[notes] tacacs+ and local can be used individually or in combination \[use cases] sonic(config)# aaa accounting command local tacacs+ aaa authentication failthrough {enable|default} aaa authentication failthrough {enable|default} \[command] aaa authentication failthrough {enable|default} no aaa authentication failthrough enable \[purpose] enable fail through \[parameter] default default enable enable \[view] system configuration view \[notes] this command is useful when the user has multiple tacacs + servers configured and the user has tacacs+ authentication enabled when an authentication request to the first server fails, this configuration allows the request to continue to the next server when this configuration is enabled, the authentication process will continue through all servers configured if this option is disabled and the authentication request fails on the first server, the authentication process will stop and logins will be disabled \[use cases] sonic(config)# aaa authentication failthrough enable aaa authentication fallback {enable|default} aaa authentication fallback {enable|default} \[command] aaa authentication fallback {enable|default} no aaa authentication fallback enable \[purpose] enable fallback \[parameter] default default enable enable \[view] system configuration view \[notes] when enabled, this command will fall back to local authentication when tacacs + authentication fails \[use cases] sonic(config)# aaa authentication fallback enable aaa authentication login aaa authentication login \[command] aaa authentication login {tacacs+|local|default} \[purpose] configure aaa login authentication method \[parameter] parameter description tacacs+ remote authentication based on tacacs + local using local authentication default reset back to the default value to enable local authentication only \[view] system configuration view \[notes] tacacs+ and local as optional parameter, can be configured separately or combined \[use cases] sonic(config)# aaa authentication login tacacs+,local aaa authorization command aaa authorization command \[command] aaa authentication command {tacacs+|local|default} \[purpose] configure the aaa command authentication method \[parameter] parameter description tacacs+ using tacacs + for command authentication local command local authentication default reset back to default values, local forensics \[view] system configuration view \[notes] tacacs+ and local as optional parameter, can be configured separately or combined \[use cases] sonic(config)# aaa authentication command tacacs+,local