I need to run the following command via SNMP:
configure system security password authentication-order tacplus local
Does anyone have the OIDs to get this accomplished? I can do it on Cisco devices using a TFTP server, but I can't quite figure out how to do it on 7750's.
I was able to find the following for copying running to startup config -- which might work if i copied startup config to running config, but I can't find documentation on the integer values.
Copy Run Start:
snmpset -v2c -c <community> <ip address> \
1.3.6.1.4.1.89.87.2.1.7.111 i 2 \
1.3.6.1.4.1.89.87.2.1.8.111 i 1 \
1.3.6.1.4.1.89.87.2.1.12.111 i 3 \
1.3.6.1.4.1.89.87.2.1.17.111 i 4
Any ideas on how to get this accomplished?
Need to configure authentication-order via SNMP / pushing config via SNMP
-
vasudha202
Re: Need to configure authentication-order via SNMP / pushing config via SNMP
I think the OIDs you need are:
1.3.6.1.4.1.6527.3.1.2.22.5.7 tmnxPasswordAuthenOrder1
1.3.6.1.4.1.6527.3.1.2.22.5.8 tmnxPasswordAuthenOrder2
1.3.6.1.4.1.6527.3.1.2.22.5.9 tmnxPasswordAuthenOrder3
I haven't actually done this before, but the way it's supposed to work is, the PasswordAuthenOrder1 OID sets the first preferred method, PasswordAuthenOrder2 sets the next preferred method and so on.
The values are 0 for none, 1 for local, 2 for radius and 3 for tacplus.
So you would probably have to set 1.3.6.1.4.1.6527.3.1.2.22.5.7 to a value of 3 for tacplus and 1.3.6.1.4.1.6527.3.1.2.22.5.8 to a value of 1 to fallback to local.
I am not a 100% sure what index you use in this case (maybe 1?) but an SNMP tool could probably take care of that for you, or someone else on here might be able to clarify what index to use.
Hope that was some help
1.3.6.1.4.1.6527.3.1.2.22.5.7 tmnxPasswordAuthenOrder1
1.3.6.1.4.1.6527.3.1.2.22.5.8 tmnxPasswordAuthenOrder2
1.3.6.1.4.1.6527.3.1.2.22.5.9 tmnxPasswordAuthenOrder3
I haven't actually done this before, but the way it's supposed to work is, the PasswordAuthenOrder1 OID sets the first preferred method, PasswordAuthenOrder2 sets the next preferred method and so on.
The values are 0 for none, 1 for local, 2 for radius and 3 for tacplus.
So you would probably have to set 1.3.6.1.4.1.6527.3.1.2.22.5.7 to a value of 3 for tacplus and 1.3.6.1.4.1.6527.3.1.2.22.5.8 to a value of 1 to fallback to local.
I am not a 100% sure what index you use in this case (maybe 1?) but an SNMP tool could probably take care of that for you, or someone else on here might be able to clarify what index to use.
Hope that was some help
-
netnem
Re: Need to configure authentication-order via SNMP / pushing config via SNMP
I was able to get this to work with the following:
snmpset -v 2c -c [RW_COMMUNITY] [IP_ADDRESS] TIMETRA-SECURITY-MIB::tmnxPasswordAuthenOrder1.0 i 1
snmpset -v 2c -c [RW_COMMUNITY] [IP_ADDRESS] TIMETRA-SECURITY-MIB::tmnxPasswordAuthenOrder2.0 i 3
I eventually found this directory that listed out a bunch of TiMOS mibs, in which TIMETRA are the ALU specific ones which was incredibly helpful:
ftp://109.74.90.32/ALCATEL/7750/7x50-Ti ... lash/MIBs/
Hopefully someone else will find this useful.
snmpset -v 2c -c [RW_COMMUNITY] [IP_ADDRESS] TIMETRA-SECURITY-MIB::tmnxPasswordAuthenOrder1.0 i 1
snmpset -v 2c -c [RW_COMMUNITY] [IP_ADDRESS] TIMETRA-SECURITY-MIB::tmnxPasswordAuthenOrder2.0 i 3
I eventually found this directory that listed out a bunch of TiMOS mibs, in which TIMETRA are the ALU specific ones which was incredibly helpful:
ftp://109.74.90.32/ALCATEL/7750/7x50-Ti ... lash/MIBs/
Hopefully someone else will find this useful.
