Configuration Commands
Table 80 TACACS+ Server Configuration commands
Command Description
tacacs-server port <TCP port number>
Enter the number of the TCP port to be configured, between 1
and 65000. The default is 49.
Command mode: Global configuration
tacacs-server retransmit <1-3>
Sets the number of failed authentication requests before
switching to a different TACACS+ server. The range is 1-3
requests. The default is 3 requests.
Command mode: Global configuration
tacacs-server timeout <4-15>
Sets the amount of time, in seconds, before a TACACS+
server authentication attempt is considered to have failed. The
range is 4-15 seconds. The default is 5 seconds.
Command mode: Global configuration
[no] tacacs-server telnet-backdoor
Enables or disables the TACACS+ back door for
telnet/SSH/HTTP/HTTPS. This command does not apply when
secure backdoor is enabled.
Command mode: Global configuration
[no] tacacs-server secure-backdoor
Enables or disables the TACACS+ back door using secure
password for telnet/SSH/HTTP/HTTPS. This command does
not apply when backdoor (telnet) is enabled.
Command mode: Global configuration
[no] tacacs-server privilege-mapping
Enables or disables TACACS+ privilege-level mapping.
The default value is disabled.
Command mode: Global configuration
tacacs-server user-mapping {<0-15>
Maps a TACACS+ authorization level to a switch user level.
Enter a TACACS+ privilege level (0-15), followed by the
corresponding HP 10GbE switch user level (user, oper,
Command mode: Global configuration
tacacs-server enable
Enables the TACACS+ server.
Command mode: Global configuration
no tacacs-server enable
Disables the TACACS+ server.
Command mode: Global configuration
show tacacs-server
Displays current TACACS+ configuration parameters.
Command mode: All
IMPORTANT: If TACACS+ is enabled, you must login using TACACS+ authentication when
connecting via the console or Telnet/SSH/HTTP/HTTPS. Backdoor for console is always enabled,
so you can connect using notacacs and the administrator password even if the backdoor or
secure backdoor are disabled.
If Telnet backdoor is enabled, type in notacacs as a backdoor to bypass TACACS+ checking,
and use the administrator password to log into the switch. The switch allows this even if TACACS+
servers are available.
If secure backdoor is enabled, type in notacacs as a backdoor to bypass TACACS+ checking,