1632
Views
5
Helpful
1
Replies
TACACS config & Testing on Cisco Devices using Python
Options
- Mark as New
- Bookmark
- Subscribe
- Mute
- Subscribe to RSS Feed
- Permalink
- Report Inappropriate Content
10-16-2019 07:26 AM
I have an script to send the TACACS config using Netmiko for nearly 1000 devices, but how should we test it before we exit out of session if any thing goes wrong. This is part of ACS migration TACACS_Plus library is not helping it this.
Labels:
- Labels:
-
pyATS
1 Reply 1
Options
- Mark as New
- Bookmark
- Subscribe
- Mute
- Subscribe to RSS Feed
- Permalink
- Report Inappropriate Content
10-16-2019 07:52 AM
Hi there,
Create a service account (ie in the local user store on your TACACS server (ACS or ISE) ) and ensure it only has 'priv 1' access.
Have your script run the command:
test aaa group tacacs+ <service_acc_name> <service_acc_pass> new-code
...then regex the returned result for the string "User successfully authenticated"
cheers,
Seb.
