Chapter 28
Configuring RADIUS and TACACS+
S e n d d o c u m e n t a t i o n c o m m e n t s t o m d s f e e d b a c k - d o c @ c i s c o . c o m .
Once the implicit distribution session has started, you can check the session status using the show
tacacs+ distribution status command.
switch# show tacacs+ distribution status
distribution : enabled
session ongoing: yes
session owner: admin
session db: exists
merge protocol status: merge activation done
last operation: enable
last operation status: success
Displaying the Configuration to Be Distributed
To display the RADIUS global and/or server configuration stored in the temporary buffer, use the show
radius pending command.
switch(config)# show radius pending-diff
+radius-server host testhost1 authentication accounting
+radius-server host testhost2 authentication accounting
To display the TACACS+ global and/or server configuration stored in the temporary buffer, use the show
tacacs+ pending command.
switch(config)# show tacacs+ pending-diff
+tacacs-server host testhost3
+tacacs-server host testhost4
Committing the Distribution
The RADIUS or TACACS+ global and/or server configuration stored in the temporary buffer can be
applied to the running configuration across all switches in the fabric (including the originating switch).
To commit RADIUS configuration changes, follow these steps:
Command
Step 1
switch# config t
Step 2
switch(config)# radius commit
To commit TACACS+ configuration changes, follow these steps:
Command
Step 1
switch# config t
Step 2
switch(config)# tacacs+ commit
OL-8222-01, Cisco MDS SAN-OS Release 3.x
Purpose
Enters configuration mode.
Commits the RADIUS configuration changes to the running
configuration.
Purpose
Enters configuration mode.
Commits the TACACS+ configuration changes to the running
configuration.
Cisco MDS 9000 Family CLI Configuration Guide
Distributing AAA Server Configuration
28-17