05-08-2019 04:32 PM
I have TACACS+ set up on a pair of Brocades, but I forgot to include the "local" -backup option and now I have no admin access to the box. My TACACS+ server is on Cisco ACS version 5.8.
I have the following under Policy Elements > Authorization and Permissions > Device Administration > Shell Profiles
This gives me the following when I log in and do a userconfig --show
description: remote account
password last change date: unknown
password expiration date: not applicable
home LF role: admin
role-lf list: admin: 128
no chassis permission
home lf: 128
day time access: n/a
Any idea how in the world I configure the correct attribute to grant admin chassisRole on Cisco ACS?
05-08-2019 08:15 PM
--->>.........setup on a pair of Brocades but I forgot to include the "local" -backup option and now I have no admin access to the box.
Unplug the LAN cable from the Brocade switches, wait for a Hours, and then try again to log in through the console port,
now you can reset the AAA Setting in Brocade
05-08-2019 08:26 PM
--->>>.....but do you know the attributes that are needed to use TACACS+ with Cisco ACS?
05-08-2019 08:26 PM
Also, can you clarify how long you were referring to with the suggestion to remove it for "a hours"?
Is that one hour? Is it less than an hour?
05-08-2019 08:28 PM
Also, instead of removing the cable, can I just disable the upstream port the brocade is connected to and receive the same result, or do I absolutely need to remove the cable? I would assume I could just disable the upstream switchport connected to the mgmt0 interface and the same result would occur
05-08-2019 08:29 PM
--->>>.... can you clarify how long you were referring to with the suggestion to remove it for "a hours"?
NO! try in 30 minutes.
If it does not work, you simply need to repeat the procedure and wait again.
Otherwise, have a bit of patience and unplug the cable for 1+ hour.
05-08-2019 08:44 PM
See this blog to compare whether all settings are made correctly.