Only users with the role SecurityAdmin or SystemAdmin can perform this task.
Note
For details about the command and its parameters, see the ExtremeCloud Orchestrator Command Reference, 3.2.0 .efa auth tacacsconfig add -–host 10.24.15.200 -–port 49 --secret sharedsecret --protocol CHAP
The command validates the attributes. If the validation is successful, the attributes are saved in the database. These details are used to validate user credentials and fetch the user role during token generation.
efa auth tacacsconfig rolemapping add -–host 10.24.15.200 --tacacsRole=tacAdmin --xcoRole SystemAdmin
The rolemapping command validates whether or not the host is already configured in XCO. If yes, then the command maps the TACACS role with the XCO supported role. Similarly, the deletion of the host from TACACS config also deletes the TACACS roles of the host already configured using role mapping.
Example:
efa auth tacacsconfig rolemapping add --xcoRole=SystemAdmin --tacacsRole=admin --host=10.37.135.12 Successfully added the tacacs configuration. +--------------+-------------+-------------+----------------------------+ | Host | TACACS Role | XCO Role | Description of XCO Role | +--------------+-------------+-------------+----------------------------+ | 10.37.135.12 | admin | SystemAdmin | Complete privileges to all | | | | | operations in the system | +--------------+-------------+-------------+----------------------------+ efa auth tacacsconfig rolemapping show +--------------+-------------+-------------+----------------------------+ | Host | TACACS Role | XCO Role | Description of XCO Role | +--------------+-------------+-------------+----------------------------+ | 10.37.135.12 | admin | SystemAdmin | Complete privileges to all | | | | | operations in the system | +--------------+-------------+-------------+----------------------------+
efa auth ldapconfig reset --name kvm12.com --group-attribute --group-member-mappingattribute Reset LDAP configuration is successful efa auth ldapconfig reset --name kvm12.com --user-member-attribute Reset LDAP configuration is successful