OC AAA TACACS
Package:
openconfig-system.yang
openconfig-aaa-tacacs.yang
Creating a TACACS+ Server Group
Creating a TACACS+ Server GroupRequest:
<rpc message-id="101" xmlns="urn:ietf:params:xml:ns:netconf:base:1.0">
<edit-config>
<target>
<running/>
</target>
<config xmlns:xc="urn:ietf:params:xml:ns:netconf:base:1.0">
<system xmlns="http://openconfig.net/yang/system">
<aaa>
<server-groups>
<server-group>
<name>tac1</name>
</server-group>
</server-groups>
</aaa>
</system>
</config>
</edit-config>
</rpc>
Response:
<rpc-reply xmlns="urn:ietf:params:xml:ns:netconf:base:1.0" message-id="101">
<ok/>
</rpc-reply>Container:
Server Group Name
Type:
Config Data
CLI Commands
The CLI commands are equivalent to the payload examples displayed in the pane on the right
aaa group server tacacs+ tac1
Delete TACACS+ Server Group
Delete TACACS+ Server GroupRequest:
<rpc message-id="101" xmlns="urn:ietf:params:xml:ns:netconf:base:1.0">
<edit-config>
<target>
<running/>
</target>
<config xmlns:xc="urn:ietf:params:xml:ns:netconf:base:1.0">
<system xmlns="http://openconfig.net/yang/system">
<aaa>
<server-groups>
<server-group xc:operation="delete">
<name>tac1</name>
</server-group>
</server-groups>
</aaa>
</system>
</config>
</edit-config>
</rpc>
Response:
<rpc-reply xmlns="urn:ietf:params:xml:ns:netconf:base:1.0" message-id="101">
<ok/>
</rpc-reply>
CLI Commands
The CLI commands are equivalent to the payload examples displayed in the pane on the right
no aaa group server tacacs+ tac1
Configuring an IPv4 TACACS Server Host with a Key, Port, and Timeout (Assigned to a Server Group)
Configuring an IPv4 TACACS Server Host with Key, Port, and Timeout (Assigned to a Server Group)<rpc message-id="101" xmlns="urn:ietf:params:xml:ns:netconf:base:1.0">
<edit-config>
<target>
<running/>
</target>
<config xmlns:xc="urn:ietf:params:xml:ns:netconf:base:1.0">
<system xmlns="http://openconfig.net/yang/system">
<aaa>
<server-groups>
<server-group>
<name>tac1</name>
<servers>
<server>
<address>10.1.1.1</address>
<config>
<timeout>10</timeout>
</config>
<tacacs>
<config>
<port>12</port>
<secret-key>cisco</secret-key>
</config>
</tacacs>
</server>
</servers>
</server-group>
</server-groups>
</aaa>
</system>
</config>
</edit-config>
</rpc>
Response
<rpc-reply xmlns="urn:ietf:params:xml:ns:netconf:base:1.0" message-id="101">
<ok/>
</rpc-reply>
CLI Commands
The CLI commands are equivalent to the payload examples displayed in the pane on the right
tacacs-server host 10.1.1.1 key 7 "cisco" port 12 timeout 10
aaa group server tacacs+ tac1
server 10.1.1.10
Deleting an IPv4 TACACS Server Host from the Server Group
Deleting an IPv4 TACACS Server Host from the Server GroupRequest:
<rpc message-id="101" xmlns="urn:ietf:params:xml:ns:netconf:base:1.0">
<edit-config>
<target>
<running/>
</target>
<config xmlns:xc="urn:ietf:params:xml:ns:netconf:base:1.0">
<system xmlns="http://openconfig.net/yang/system">
<aaa>
<server-groups>
<server-group>
<name>tac1</name>
<servers>
<server xc:operation="delete">
<address>10.1.1.1</address>
</server>
</servers>
</server-group>
</server-groups>
</aaa>
</system>
</config>
</edit-config>
</rpc>
Response:
<rpc-reply xmlns="urn:ietf:params:xml:ns:netconf:base:1.0" message-id="101">
<ok/>
</rpc-reply>
CLI Commands
The CLI commands are equivalent to the payload examples displayed in the pane on the right
aaa group server tacacs+ tac1
no server 10.1.1.1
no tacacs-server host 10.1.1.1 key 7 "cisco" port 12 timeout 10
Configuring an IPv6 TACACS Server Host with a Key, Port, and Timeout (Assigned to a Server Group)
Configuring an IPv6 TACACS Server Host with a Key, Port, and Timeout (Assigned to a Server Group)REQUEST :
<rpc message-id="101" xmlns="urn:ietf:params:xml:ns:netconf:base:1.0">
<edit-config>
<target>
<running/>
</target>
<config xmlns:xc="urn:ietf:params:xml:ns:netconf:base:1.0">
<system xmlns="http://openconfig.net/yang/system">
<aaa>
<server-groups>
<server-group>
<name>tac1</name>
<servers>
<server>
<address>2001:1::1</address>
<config>
<timeout>12</timeout>
</config>
<tacacs>
<config>
<port>12</port>
<secret-key>cisco</secret-key>
</config>
</tacacs>
</server>
</servers>
</server-group>
</server-groups>
</aaa>
</system>
</config>
</edit-config>
</rpc>
Response:
<rpc-reply xmlns="urn:ietf:params:xml:ns:netconf:base:1.0" message-id="101">
<ok/>
</rpc-reply>
CLI Commands
The CLI commands are equivalent to the payload examples displayed in the pane on the right
tacacs-server host 2001:1::1 key 7 "cisco" port 12 timeout 12
aaa group server tacacs+ tac1
server 2001:1::1
Deleting a TACACS Server Host from the Server Group
Deleting a TACACS Server Host from the Server Group<rpc message-id="101" xmlns="urn:ietf:params:xml:ns:netconf:base:1.0">
<edit-config>
<target>
<running/>
</target>
<config xmlns:xc="urn:ietf:params:xml:ns:netconf:base:1.0">
<system xmlns="http://openconfig.net/yang/system">
<aaa>
<server-groups>
<server-group>
<name>tac1</name>
<servers>
<server xc:operation="delete">
<address>2001:1::1</address>
</server>
</servers>
</server-group>
</server-groups>
</aaa>
</system>
</config>
</edit-config>
</rpc>
Response:
<rpc-reply xmlns="urn:ietf:params:xml:ns:netconf:base:1.0" message-id="101">
<ok/>
</rpc-reply>
CLI Commands
The CLI commands are equivalent to the payload examples displayed in the pane on the right
aaa group server tacacs+ tac1
no server 2001:1::1
no tacacs-server host 2001:1::1 key 7 "cisco" port 12 timeout 12
Querying a Server-Group List (Example 1)
Querying a Server-Group List (Example 1)Request:
<rpc message-id="101" xmlns="urn:ietf:params:xml:ns:netconf:base:1.0">
<get-config>
<source><running/></source>
<filter>
<system xmlns="http://openconfig.net/yang/system">
<aaa>
<server-groups/>
</aaa>
</system>
</filter>
</get-config>
</rpc>
Response:
<rpc-reply xmlns="urn:ietf:params:xml:ns:netconf:base:1.0" message-id="101">
<data>
<system xmlns="http://openconfig.net/yang/system">
<aaa>
<server-groups>
<server-group>
<servers>
<server>
<tacacs>
<config>
<port>20</port>
<secret-key>cisco</secret-key>
</config>
</tacacs>
<address>130.2.3.4</address>
<config>
<address>130.2.3.4</address>
<name>130.2.3.4</name>
<timeout>12</timeout>
</config>
</server>
<server>
<tacacs>
<config>
<port>20</port>
<secret-key>cisco</secret-key>
</config>
</tacacs>
<address>1.2.3.4</address>
<config>
<address>1.2.3.4</address>
<name>1.2.3.4</name>
<timeout>12</timeout>
</config>
</server>
</servers>
<config>
<type>oc-aaa:TACACS</type>
</config>
</server-group>
<server-group>
<servers>
<server>
<tacacs>
<config>
<port>20</port>
<secret-key>cisco</secret-key>
</config>
</tacacs>
<address>130.2.3.4</address>
<config>
<address>130.2.3.4</address>
<name>130.2.3.4</name>
<timeout>12</timeout>
</config>
</server>
<server>
<tacacs>
<config>
<port>20</port>
<secret-key>cisco</secret-key>
</config>
</tacacs>
<address>1.2.3.4</address>
<config>
<address>1.2.3.4</address>
<name>1.2.3.4</name>
<timeout>12</timeout>
</config>
</server>
</servers>
<config>
<type>oc-aaa:TACACS</type>
</config>
</server-group>
</server-groups>
</aaa>
</system>
</data>
</rpc-reply>Querying a Server-Group List (Example 2)
Querying a Server-Group List (Example 2)<rpc message-id="101" xmlns="urn:ietf:params:xml:ns:netconf:base:1.0">
<get-config>
<source><running/></source>
<filter>
<system xmlns="http://openconfig.net/yang/system">
<aaa>
<server-groups>
<server-group/>
</server-groups>
</aaa>
</system>
</filter>
</get-config>
</rpc>
Response:
<rpc-reply xmlns="urn:ietf:params:xml:ns:netconf:base:1.0" message-id="101">
<data>
<system xmlns="http://openconfig.net/yang/system">
<aaa>
<server-groups>
<server-group>
<servers>
<server>
<tacacs>
<config>
<port>20</port>
<secret-key>cisco</secret-key>
</config>
</tacacs>
<address>130.2.3.4</address>
<config>
<address>130.2.3.4</address>
<name>130.2.3.4</name>
<timeout>12</timeout>
</config>
</server>
<server>
<tacacs>
<config>
<port>20</port>
<secret-key>cisco</secret-key>
</config>
</tacacs>
<address>1.2.3.4</address>
<config>
<address>1.2.3.4</address>
<name>1.2.3.4</name>
<timeout>12</timeout>
</config>
</server>
</servers>
<config>
<type>oc-aaa:TACACS</type>
</config>
</server-group>
<server-group>
<servers>
<server>
<tacacs>
<config>
<port>20</port>
<secret-key>cisco</secret-key>
</config>
</tacacs>
<address>130.2.3.4</address>
<config>
<address>130.2.3.4</address>
<name>130.2.3.4</name>
<timeout>12</timeout>
</config>
</server>
<server>
<tacacs>
<config>
<port>20</port>
<secret-key>cisco</secret-key>
</config>
</tacacs>
<address>1.2.3.4</address>
<config>
<address>1.2.3.4</address>
<name>1.2.3.4</name>
<timeout>12</timeout>
</config>
</server>
</servers>
<config>
<type>oc-aaa:TACACS</type>
</config>
</server-group>
</server-groups>
</aaa>
</system>
</data>
</rpc-reply>Querying a Server-Group List for a Single Server Group
Querying a Server-Group List for a Single Server GroupRequest:
<rpc message-id="101" xmlns="urn:ietf:params:xml:ns:netconf:base:1.0">
<get-config>
<source><running/></source>
<filter>
<system xmlns="http://openconfig.net/yang/system">
<aaa>
<server-groups>
<server-group>
<name>TAC1</name>
</server-group>
</server-groups>
</aaa>
</system>
</filter>
</get-config>
</rpc>
Response:
<rpc-reply xmlns="urn:ietf:params:xml:ns:netconf:base:1.0" message-id="101">
<data>
<system xmlns="http://openconfig.net/yang/system">
<aaa>
<server-groups>
<server-group>
<name>TAC1</name>
<servers>
<server>
<tacacs>
<config>
<port>20</port>
<secret-key>cisco</secret-key>
</config>
</tacacs>
<address>130.2.3.4</address>
<config>
<address>130.2.3.4</address>
<name>130.2.3.4</name>
<timeout>12</timeout>
</config>
</server>
<server>
<tacacs>
<config>
<port>20</port>
<secret-key>cisco</secret-key>
</config>
</tacacs>
<address>1.2.3.4</address>
<config>
<address>1.2.3.4</address>
<name>1.2.3.4</name>
<timeout>12</timeout>
</config>
</server>
</servers>
<config>
<type>oc-aaa:TACACS</type>
</config>
</server-group>
</server-groups>
</aaa>
</system>
</data>
</rpc-reply>Deviations: State data is not supported