This website uses cookies. By clicking Accept, you consent to the use of cookies. Click Here to learn more about how we use cookies.
Accept
Reject
RUCKUS Self Help |   ASK the Pack
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Search instead for 
Did you mean: 

SZ / SCG Admin roles and AAA Servers - Priority?

Greg_WiGuy
Contributor II

‎04-05-2023 05:43 AM

I'm looking through the documentation below trying to figure out if once we configure TACACS+, will the local accounts still be usable?

https://docs.commscope.com/bundle/sz-611-adminguide-sz100vsz/page/GUID-B9789B57-C58B-4215-A83A-AC05B...

For other network switches, routers, firewalls etc. we typically have a rule where the local accounts are not available unless the TACACS+ server becomes unreachable.  This allows us to force admins to log in with their AAA credentials but in the event of a failure, we can fall back on the local account with a shared password.  Is this possible with SZ?

0 Kudos
5 REPLIES 5

Greg_WiGuy
Contributor II

‎04-11-2023 07:15 AM

For anyone who comes across my post later on, here's the following answer I got from my sales engineer via some internal back-channeling.

the Local SZ accounts will remain usable. We don’t have an option to disable their use until connection to the AAA server is lost.

So basically, the local admin account will always be usable, and AAA just adds the ability to use other servers for authentication.  My plan is now to use a complex password for admin that gets locked away and force all users to use their AAA creds.

Copyright © 2024 Khoros, LLC