08-24-2010 06:51 PM - edited 03-01-2019 09:42 AM
I am considering configuring UCS to use TACACS but can't find any documentaion to suggest if the UCS would fallback
to Local when TACACS fail. One would assume that it would so any link or pointers would be appreciated. Thank you.
08-25-2010 12:04 AM
No it doesn't, you won't be able to log on. For this reason you should always configure Console access as Local as a safety net / fall back should TACACS fail. THen at least you can console in, change the auth to Local and use local accounts.
So in effect, you have to "manually fall back to local" - it isn't automatic.
Cheers
Steve
08-25-2010 04:18 AM
Oh, Thank you for the information. Since console acccess means command line only.
Am i right to suggest that one should know how to make changes and back out via command line
as the Web GUI won't be available when TACACS goes down?
11-02-2011 11:24 PM
I read this post and thought fallback was not supported but have since found out that Steve was incorrect in his statement.
If you look at the user guide you will see that it states:
"If all of the configured servers are unavailable or unreachable, Cisco UCS Manager automatically falls back to the local authentication method using the local username and password."
Upon testing indeed fallback works properly.
11-02-2011 11:29 PM
Adding on Tims post. This behaviour is documented here:
Provider Groups
A provider group is a set of providers that will be used by Cisco UCS during the authentication process. Cisco UCS Manager allows you to create a maximum of 16 provider groups, with a maximum of eight providers allowed per group.
During authentication, all the providers within a provider group are tried in order. If all of the configured servers are unavailable or unreachable, Cisco UCS Manager automatically falls back to the local authentication method using the local username and password.
Discover and save your favorite ideas. Come back to expert answers, step-by-step guides, recent topics, and more.
New here? Get started with these tips. How to use Community New member guide