# Define where to log accounting data, this is the default. accounting file = /var/log/tac_plus.acct # This is the key that clients have to use to access Tacacs+ key = # Use password from PAM default authentication = file /etc/passwd # crypted password # mkpasswd -m des password # openssl passwd -1 # default user user = someuser { member = noc login = cleartext "supersecret" } user = otheruser { member = noc login = des "$1$SNIP" } # default group group = noc { default service = permit service = exec { priv-lvl = 15 idletime = 5 optional task = "#root-system" } service = shell { priv-lvl = 15 idletime = 5 optional task = "#root-system" } service = junos-exec { local-user-name = ngt } service = ciscowlc { role1 = ALL } service = NCS { role = ALL virtual-domain0="ROOT-DOMAIN" role0="Root" task0="View Alerts and Events" task1="Run Job" task2="Device Reports" task3="Alarm Stat Panel Access" task4="WAN Optimization Multisegment Access" task5="RADIUS Servers" task6="Raw NetFlow Reports" task7="PnPDeployHistoryReadWriteAccess" task8="Network Summary Reports" task9="Edit Audit Logs Purge Settings Access" task10="Discovery View Privilege" task11="Configure ACS View Servers" task12="Run Reports List" task13="View Audit Logs Purge Settings Access" task14="View CAS Notifications Only" task15="Administration Menu Access" task16="Monitor Clients" task17="Configure Guest Users" task18="SwimDelete" task19="Monitor Media Streams" task20="Configure Lightweight Access Point Templates" task21="Monitor Chokepoints" task22="Maps Read Write" task23="Configure Access Points" task24="SwimRecommondation" task25="Virtual Domains List" task26="All" task27="SwimPreferenceSave" task28="Users and Groups" task29="View Group Members" task30="Saved Reports List" task31="SwimDistribution" task32="Migration Templates" task33="Monitor Spectrum Experts" task34="Configure Autonomous Access Point Templates" task35="Audit Trails" task36="Client Location" task37="Delete Device Access" task38="Device WorkCenter" task39="Monitor Access Points" task40="Data Collection Management Access" task41="CleanAir Reports" task42="Configure Ethernet Switches" task43="Configure Ethernet Switch Ports" task44="TACACS+ Servers" task45="Edit Job" task46="Mobility Service Management" task47="Autonomous AP Reports" task48="Delete Groups" task49="Performance Reports" task50="SwimUpgradeAnalysis" task51="Configure Controllers" task52="Help Menu Access" task53="PnPPreferencesReadWriteAccess" task54="Packet Capture Access" task55="MSAP Reports" task56="Scheduled Tasks and Data Collection" task57="Monitor Tags" task58="Details Dashboard Access" task59="Search Access" task60="Scheduled Configuration Tasks" task61="View Groups" task62="Configure WIPS Profiles" task63="Delete Job" task64="SwimCollection" task65="Client Reports" task66="Troubleshoot" task67="Services Menu Access" task68="Configure Templates" task69="System Settings" task70="Report Launch Pad" task71="Remove Clients" task72="Performance Dashboard Access" task73="Alarm Browser Access" task74="Configure Config Groups" task75="Application and Services Access" task76="SwimInfoUpdate" task77="Mesh Reports" task78="High Availability Configuration" task79="License Center" task80="View Audit Logs Access" task81="Lobby Ambassador Defaults Configuration" task82="Design Monitoring Template Access" task83="Add Group Members" task84="Monitor Controllers" task85="Deploy Configuring Access" task86="View Job" task87="Monitor Security" task88="Track Clients" task89="Monitor Menu Access" task90="Export Audit Logs Access" task91="Design Configuration Template Access" task92="Schedule Job" task93="SwimAccessPrivilege" task94="Monitor Interferers" task95="Configure Switch Location Configuration Templates" task96="Configure WiFi TDOA Receivers" task97="TAC Case Attachment Tool" task98="Add Groups" task99="Cancel Job" task100="Discovery CRUD Privilege" task101="WAN Optimization Dashboard Access" task102="Voice Audit Report" task103="nbiAccessPrivilege" task104="Admin Dashboard Access" task105="Global SSID Groups" task106="Modify Groups" task107="Report Run History" task108="Maps Read Only" task109="Compliance Reports" task110="Disable Clients" task111="Custom NetFlow Reports" task112="WIPS Service" task113="Security Reports" task114="Application Server Management Access" task115="Configure Spectrum Experts" task116="Appliance" task117="View Security Index Issues" task118="Device Bulk Import Access" task119="Home Menu Access" task120="Health Monitor Details" task121="Monitor WiFi TDOA Receivers" task122="ContextAware Reports" task123="Add Device Access" task124="View Alert Condition" task125="User Preferences" task126="Guest Reports" task127="Config Archive Read-Write Task" task128="Logging" task129="Device View configuration Access" task130="Automated Feedback" task131="Delete and Clear Alerts" task132="Identity Search Engine" task133="Configure Third Party Controllers and Access Point" task134="Email Notification" task135="License Check" task136="Rogue Location" task137="Identify Unknown Users" task138="Delete Group Members" task139="Reports Menu Access" task140="PnPProfileDeployReadWriteAccess" task141="Configure ISE Servers" task142="Tools Menu Access" task143="Config Audit Dashboard" task144="Virtual Domain Management" task145="Incidents Alarms Events Access" task146="Monitor Ethernet Switches" task147="Pause Job" task148="Discovery Schedule Privilege" task149="Voice Diagnostics" task150="Configure Choke Points" task151="MSE Analytics" task152="RRM Dashboard" task153="Theme Changer Access" task154="Design Endpoint Site Association Access" task155="PnPProfileReadWriteAccess" task156="Diagnostic Information" task157="Planning Mode" task158="Pick and Unpick Alerts" task159="Configure Menu Access" task160="Ack and Unack Security Index Issues" task161="Deploy Monitoring Template Access" task162="Ack and Unack Alerts" task163="Auto Provisioning" } }