This object is used to supply configuration for TACACS+ authentication service.
References to tacacsplus:authservice are object references.
The name part of a TACACS+ authentication service has the following components:
- The name of the TACACS+ authentication service.
Example: tacacsplus:authservice/ZG5zLm5ldHdvcmtfdmlldyQxMTk:TACACSAuth
The object does not support the following operations:
The object cannot be managed on Cloud Platform members.
These fields are actual members of the object; thus, they can be requested by using _return_fields, if the fields are readable.
The basic version of the object contains the field(s): comment, disable, name.
The following fields are required to create this object:
| Field | Notes |
|---|---|
| name | |
| servers |
The number of the accounting retries before giving up and moving on to the next server.
Type
Unsigned integer.
Create
The default value is 0.
Search
The field is not available for search.
The accounting retry period in milliseconds.
Type
Unsigned integer.
Create
The default value is 1000.
Search
The field is not available for search.
The number of the authentication/authorization retries before giving up and moving on to the next server.
Type
Unsigned integer.
Create
The default value is 0.
Search
The field is not available for search.
The authentication/authorization timeout period in milliseconds.
Type
Unsigned integer.
Create
The default value is 5000.
Search
The field is not available for search.
The TACACS+ authentication service descriptive comment.
Type
String.
Create
The default value is empty.
Search
The field is available for search via
Notes
The comment is part of the base object.
Determines whether the TACACS+ authentication service object is disabled.
Type
Bool.
Create
The default value is False.
Search
The field is not available for search.
Notes
The disable is part of the base object.
The TACACS+ authentication service name.
Type
String.
Values with leading or trailing white space are not valid for this field.
Create
The field is required on creation.
Search
The field is available for search via
Notes
The name is part of the base object.
The list of the TACACS+ servers used for authentication.
Type
A/An The TACACS+ server structure struct array.
Create
The field is required on creation.
Search
The field is not available for search.
Test connectivity to the server, authentication and accounting settings.
This function does not support multiple object matches when called as part of an atomic insertion operation.
Input fields
acct_timeout ( Unsigned integer. ) The accounting timeout in milliseconds. The default value is “5000”.
auth_timeout ( Unsigned integer. ) The authentication timeout in milliseconds. The default value is “5000”.
tacacsplus_authservice ( String. ) The name of the parent TACACS+ authentication service.
tacacsplus_server ( A/An The TACACS+ server structure struct. ). This parameter is mandatory. The TACACS+ server which will be tested. The ‘disable’ flag is ignored.
Output fields
acct_time ( Unsigned integer. ) The amount of time taken for accounting test in milliseconds.
auth_time ( Unsigned integer. ) The amount of time taken to authentication test in milliseconds.
error_message ( String. ) The detailed description of failure.
overall_status ( String. Valid values are: “SUCCESS”, “FAILED” ) The overall status of the test.
| Field | Type | Req | R/O | Base | Search |
|---|---|---|---|---|---|
| acct_retries | Unsigned int | N | N | N | N/A |
| acct_timeout | Unsigned int | N | N | N | N/A |
| auth_retries | Unsigned int | N | N | N | N/A |
| auth_timeout | Unsigned int | N | N | N | N/A |
| comment | String | N | N | Y | : = ~ |
| disable | Bool | N | N | Y | N/A |
| name | String | Y | N | Y | : = ~ |
| servers | [struct] | Y | N | N | N/A |
