blob: 21d0f4a3adb45fb7e8a3d56a1f80d75efe879c13 (
plain)
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
97
98
99
100
101
102
103
104
105
106
107
108
109
110
111
112
113
114
115
116
117
118
119
120
121
122
123
124
125
126
127
128
129
130
131
132
133
134
135
136
|
submodule openconfig-aaa-tacacs {
yang-version "1";
belongs-to "openconfig-aaa" {
prefix "oc-aaa";
}
// import some basic types
import openconfig-inet-types { prefix oc-inet; }
import openconfig-extensions { prefix oc-ext; }
import openconfig-aaa-types { prefix oc-aaa-types; }
import openconfig-types { prefix oc-types; }
// meta
organization "OpenConfig working group";
contact
"OpenConfig working group
www.openconfig.net";
description
"This module defines configuration and operational state data
related to the TACACS+ protocol for authentication,
authorization, and accounting.";
oc-ext:openconfig-version "0.3.0";
revision "2017-09-18" {
description
"Updated to use OpenConfig types modules";
reference "0.3.0";
}
revision "2017-07-06" {
description
"Move to oc-inet types, add IETF attribution, add RADIUS
counters, changed password leaf names to indicate hashed";
reference "0.2.0";
}
revision "2017-01-29" {
description
"Initial public release";
reference "0.1.0";
}
// extension statements
// feature statements
// identity statements
identity TACACS {
base oc-aaa-types:AAA_SERVER_TYPE;
description
"Terminal Access Controller Access Control System (TACACS+)
AAA server";
reference
"The TACACS+ Protocol (draft-ietf-opsawg-tacacs-05)
RFC 1492 - An Access Control Protocol, Sometimes Called
TACACS";
}
// typedef statements
// grouping statements
grouping aaa-tacacs-server-config {
description
"Configuration data for a TACACS+ server";
leaf port {
type oc-inet:port-number;
default 49;
description
"The port number on which to contact the TACACS server";
}
leaf secret-key {
type oc-types:routing-password;
description
"The unencrypted shared key used between the authentication
server and the device.";
}
leaf source-address {
type oc-inet:ip-address;
description
"Source IP address to use in messages to the TACACS server";
}
}
grouping aaa-tacacs-server-state {
description
"Operational state data for a TACACS+ server";
}
grouping aaa-tacacs-server-top {
description
"Top-level grouping for TACACS+ sever data";
container tacacs {
description
"Top-level container for TACACS+ server data";
container config {
description
"Configuration data for TACACS+ server";
uses aaa-tacacs-server-config;
}
container state {
config false;
description
"Operational state data for TACACS+ server";
uses aaa-tacacs-server-config;
uses aaa-tacacs-server-state;
}
}
}
// data definition statements
// augment statements
// rpc statements
// notification statements
}
|
