Ecosyste.ms: Awesome
An open API service indexing awesome lists of open source software.
https://github.com/samdoran/ansible-role-tacacs
https://github.com/samdoran/ansible-role-tacacs
Last synced: 3 days ago
JSON representation
- Host: GitHub
- URL: https://github.com/samdoran/ansible-role-tacacs
- Owner: samdoran
- Created: 2016-09-19T22:23:19.000Z (over 8 years ago)
- Default Branch: master
- Last Pushed: 2016-09-19T22:27:56.000Z (over 8 years ago)
- Last Synced: 2024-11-01T09:14:32.340Z (about 2 months ago)
- Size: 149 KB
- Stars: 2
- Watchers: 3
- Forks: 3
- Open Issues: 0
-
Metadata Files:
- Readme: README.md
Awesome Lists containing this project
README
TACACS+
========Setup a TACACS+ server using [`tac_plus`](http://www.shrubbery.net/tac_plus/) from Shrubbery Networks.
You may use local accounts or LDAP for authentication (via PAM). LDAP _does not_ do authorization — that is handled by the `tac_plus.conf`. If using LDAP authentication, make sure to define all the necessary variables described below.
Requirements
------------You must configure your devices to point at the TACACS+ server. The exact configuration varies greatly between devices and vendors. You'll need to do lots of reading and testing with non-production equipment as it's very easy to lock yourself out of the device when experimenting with AAA configurations.
Open port 49 in the firewall on the host.
Role Variables
--------------| Name | Default Value | Description |
|-------------------|---------------------|----------------------|
| `tacacs_port` | `49` | Port the TACACS server listens on. |
| `tacacs_users` | `[see defaults.yml]` | User accounts to be added to `tac_plus.conf` and optionally created on the system. |
| `tacacs_ldap_auth` | `False` | Whether TACACS uses PAM LDAP to authenticate. |
| `tacacs_enable_passwords` | `null` | Host specific enable passwords. |Example Playbook
-------------------------Including an example of how to use your role (for instance, with variables passed in as parameters) is always nice for users too:
- hosts: tacacs
roles:
- tacacsLicense
-------MIT