Brocade Fibre Channel Networking Community

Expand all | Collapse all

What FOS (8.2) attributes do I need in Cisco ACS (5.8) to grant TACACS+ login an admin chassisRole?

  • 1.  What FOS (8.2) attributes do I need in Cisco ACS (5.8) to grant TACACS+ login an admin chassisRole?

    Posted 05-08-2019 04:33 PM
      |   view attached

    Hello, 

     

    I have TACACS+ setup on a pair of Brocades but I forgot to include the "local" -backup option and now I have no admin access to the box. My TACACS+ server is on Cisco ACS version 5.8. 

     

    I have the following under Policy Elements > Authorization and Permissions > Device Administration > Shell Profiles 

    Attribute: brcd-role=admin

     

    This gives me the following when I login and do a userconfig--show

    username: x

    description: remote account

    enabled: yes

    password last change date: unknown

    password expiration date: not applicable

    locked: no

    home LF role: admin

    role-lf list: admin: 128

    no chassis permission

    home lf: 128

    day time access: n/a

     

    Any idea how in the world I configure the correct attribute to grant admin chassisRole on Cisco ACS? 

     


    #BrocadeFibreChannelNetworkingCommunity


  • 2.  Re: What FOS (8.2) attributes do I need in Cisco ACS (5.8) to grant TACACS+ login an admin chassisRole?

    Posted 05-08-2019 08:15 PM

    @milhouse79 

     

    --->>.........setup on a pair of Brocades but I forgot to include the "local" -backup option and now I have no admin access to the box.

     

    unplugg the LAN Cable from Brocade Switches, wait for a Hours, and the try again to login trough the console port,

     

    now you can reset the AAA Setting in Brocade


    #BrocadeFibreChannelNetworkingCommunity


  • 3.  Re: What FOS (8.2) attributes do I need in Cisco ACS (5.8) to grant TACACS+ login an admin chassisRole?

    Posted 05-08-2019 08:24 PM

    Thanks, but do you know the attributes that are needed to use TACACS+  with Cisco ACS?


    #BrocadeFibreChannelNetworkingCommunity


  • 4.  Re: What FOS (8.2) attributes do I need in Cisco ACS (5.8) to grant TACACS+ login an admin chassisRole?

    Posted 05-08-2019 08:26 PM

    @milhouse79 

     

    --->>>.....but do you know the attributes that are needed to use TACACS+ with Cisco ACS?

     

    No Sorry.


    #BrocadeFibreChannelNetworkingCommunity


  • 5.  Re: What FOS (8.2) attributes do I need in Cisco ACS (5.8) to grant TACACS+ login an admin chassisRole?

    Posted 05-08-2019 08:29 PM

    Also, instead of removing the cable, can I just disable the upstream port the brocade is connected to and receive the same result, or do I absolutely need to remove the cable? I would assume I could just disable the upstream switchport connected to the mgmt0 interface and the same result would occur


    #BrocadeFibreChannelNetworkingCommunity


  • 6.  Re: What FOS (8.2) attributes do I need in Cisco ACS (5.8) to grant TACACS+ login an admin chassisRole?

    Posted 05-08-2019 08:26 PM

    Also, can you clarify how long you were referring to with the suggestion to remove it for "a hours"? 

     

    Is that one hour? Is it less than an hour?


    #BrocadeFibreChannelNetworkingCommunity


  • 7.  Re: What FOS (8.2) attributes do I need in Cisco ACS (5.8) to grant TACACS+ login an admin chassisRole?

    Posted 05-08-2019 08:29 PM

    @milhouse79 

     

     

    --->>>.... can you clarify how long you were referring to with the suggestion to remove it for "a hours"? 

     

    NO! try in 30 minutes.

     

    if not work you need simple to repeat the procedure and wait again.

     

    otherwise have a bit patience and unplug the cable for 1+ Hour


    #BrocadeFibreChannelNetworkingCommunity


  • 8.  Re: What FOS (8.2) attributes do I need in Cisco ACS (5.8) to grant TACACS+ login an admin chassisRole?

    Posted 05-08-2019 08:35 PM

    Thanks. I'll try that. 


    #BrocadeFibreChannelNetworkingCommunity


  • 9.  Re: What FOS (8.2) attributes do I need in Cisco ACS (5.8) to grant TACACS+ login an admin chassisRole?

    Posted 05-08-2019 08:44 PM