Buy or Renew
Buy or Renew
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Search instead for 
Did you mean: 
cancel
Start a conversation
1626
Views
5
Helpful
1
Replies

TACACS config & Testing on Cisco Devices using Python

AliHyder
Level 1
Level 1

‎10-16-2019 07:26 AM

I have an script to send the TACACS config using Netmiko for nearly 1000 devices, but how should we test it before we exit out of session if any thing goes wrong. This is part of ACS migration TACACS_Plus library is not helping it this.

Labels:
0 Helpful
1 Reply 1

Seb Rupik
VIP Alumni
VIP Alumni

‎10-16-2019 07:52 AM

Hi there,

Create a service account (ie in the local user store on your TACACS server (ACS or ISE) ) and ensure it only has 'priv 1' access.

 

Have your script run the command:

test aaa group tacacs+ <service_acc_name> <service_acc_pass> new-code

...then regex the returned result for the string "User successfully authenticated"

 

cheers,

Seb.

 

Customers Also Viewed These Support Documents