Posted on July 9, 2019 7:23 pm
 |  Asked by Syed Hussain
 |  69 views
RESOLVED
0
0
Print Friendly, PDF & Email

I have setup TACACS authentication to CVP. But the user is getting network-operator role instead of Network-admin. Where can I find the tacacs.conf file to modify so that the specified user can be granted network-admin role

0
Posted by Tamas Plugor
Answered on July 9, 2019 7:36 pm

Hi Syed,

You’ll need to add cvp-roles=network-admin shell attribute on your TACACS server as per the config guide:

https://www.arista.com/en/cg-cv/cv-managing-aaa-servers#ww1171631

I also wrote two articles about this, one for Aruba ClearPass: https://eos.arista.com/clearpass-tacacs-authorization-with-cvp/
and one for Cisco ISE: https://eos.arista.com/cvp-aaa-tacacs-authorization-with-cisco-ise/

Hope it helps!
Tamas

Post your Answer

You must be logged in to post an answer.