show aaa authentication
Syntax
show aaa authentication [vsx-peer]
Description
Shows a table of server groups based on the sequence of authentication access. For local authentication, group name
local
is shown.
Command context
Operator (>
) or Manager (#
)
Parameters
[vsx-peer]
Shows the output from the VSX peer switch. If the switches do not have the VSX configuration or the ISL is down, the output from the VSX peer switch is not displayed.
Authority
Operators or Administrators. Users without administrator authority can execute this command from the operator context (>) only.
Example
In the following example, the group priority represents a sequence of a group, which differs from TACACS+ server group priority. TACACS+ server group priority is a sequence of servers assigned to a group.
Showing table of server groups with TACACS+ groups and local:
switch(config)# aaa authentication login default group tac_grp1 tacacs local switch(config)# switch(config)# do show aaa authentication AAA Authentication: Fail-through : Disabled Limit Login Attempts : Not set Lockout Time : 300 Minimum Password Length : Not set Default Authentication for All Channels: --------------------------------------------------------------------------------- GROUP NAME | GROUP PRIORITY --------------------------------------------------------------------------------- tac_grp1 | 0 tacacs | 1 local | 2 --------------------------------------------------------------------------------- switch(config)#
Showing the authentication sequence for RADIUS groups and local:
switch(config)# aaa authentication login default group rad_grp1 radius local switch(config)# switch(config)# do show aaa authentication AAA Authentication: Fail-through : Disabled Limit Login Attempts : Not set Lockout Time : 300 Minimum Password Length : Not set Default Authentication for All Channels: --------------------------------------------------------------------------------- GROUP NAME | GROUP PRIORITY --------------------------------------------------------------------------------- rad_grp1 | 0 radius | 1 local | 2 --------------------------------------------------------------------------------- switch(config)#
Showing table of server groups with only local:
switch(config)# aaa authentication login default local switch(config)# switch# show aaa authentication AAA Authentication: Fail-through : Disabled Limit Login Attempts : Not set Lockout Time : 300 Minimum Password Length : Not set Default Authentication for All Channels: --------------------------------------------------------------------------------- GROUP NAME | GROUP PRIORITY --------------------------------------------------------------------------------- local | 0