DGS-3710 Series Layer 2 Managed Gigabit Switch CLI Reference Guide
73
DGS-3710-12C:admin#create authen_enable method_list_name enable_list_1
Command: create authen_enable method_list_name enable_list_1
Success.
DGS-3710-12C:admin#
5-9
config authen_enable
Description
This command is used to configure a user-defined or default method list of authentication methods
for promoting a user's privilege to Admin level. The sequence of methods will effect the
authencation result. For example, if the sequence is TACACS+ first, then TACACS and
local_enable, when a user tries to promote a user's privilege to Admin level, the authentication
request will be sent to the first server host in the TACACS+ built-in server group. If the first server
host in the TACACS+ group is missing, the authentication request will be sent to the second server
host in the TACACS+ group, and so on. If all server hosts in the TACACS+ group are missing, the
authentication request will be sent to the first server host in the TACACS group. If all server hosts
in the TACACS group are missing, the local enable password in the device is used to authenticate
this user’s password. The local enable password in the device can be configured by the CLI
command
config admin local_enable
.
Format
config authen_enable [default | method_list_name <string 15>] method {tacacs | xtacacs |
tacacs+ | radius | server_group <string 15> | local_enable | none}(1)
Parameters
default
- Specifies the default method list of authentication methods.
method_list_name
- Specifies the user-defined method list of authentication methods.
<string 15>
- Specifies the user-defined method list of authentication methods. The method
list name can be up to 15 characters long.
method
- Choose the desired authentication method:
tacacs
- Specifies authentication by the built-in server group TACACS.
xtacacs
- Specifies authentication by the built-in server group XTACACS.
tacacs+
- Specifies authentication by the built-in server group TACACS+.
radius
- Specifies authentication by the built-in server group RADIUS.
server_group
- Specifies authentication by the user-defined server group.
<string 15>
- Specifies authentication by the user-defined server group. The server group
value can be up to 15 characters long.
local_enable
- Specifies authentication by local enable password in the device.
none
- Specifies no authentication.
Restrictions
Only Administrator-level users can issue this command.
Example
To configure a user-defined method list for promoting a user's privilege to Admin level: