The following list defines the values that must be defined when configuring a group with TACACS+ authentication.
• The TACACS+ administrator must add each user to a group. To give a user administrative access, the user must be added to the admin group.
• On the OnSite, the TACACS+ authentication server must be configured for raw access, in either of the two ways shown in the following table:
Follow the procedure in To Configure a TACACS+ Authentication Server [Expert], making sure to check the “Enable Raccess Authorization” checkbox. Perform this procedure by editing the AA database on the TACACS+ server. These additions can be made through a GUI. The example shows a declaration that would need to be added to the AA database if a GUI is not available.
• Add the raccess service to each user’s configuration and define the group_name to which each user belongs.To give a user administrative access, make the group_name = admin.