Establishing a server-side user account

The following example assigns the user "Mary" the Extreme role of "vlanadmin" and different passwords depending on whether CHAP or PAP is used. In the following example, which works in an environment with only devices supported by this guide, the brcd-role attribute is mandatory. In a mixed-vendor environment, the brcd-role attribute must be set to optional. Refer to Configuring TACACS+ for a mixed-vendor environment for more information.

user = Mary {
chap = cleartext "chap password"
pap = cleartext "pap password"
service = exec {
brcd-role = vlanadmin;
}
}

The following example assigns the user "Agnes" a single password for all types of login authentication.

user = Agnes {
global = cleartext "Agnes global password"
}

Alternatively, a user can be authenticated using the /etc/passwd file. The following example allows the user "fred" to be authenticated using the /etc/passwd file.

user = fred {
login = file /etc/passwd
}