143 lines
3.0 KiB
YANG
143 lines
3.0 KiB
YANG
submodule openconfig-aaa-tacacs {
|
|
|
|
yang-version "1";
|
|
|
|
belongs-to "openconfig-aaa" {
|
|
prefix "oc-aaa";
|
|
}
|
|
|
|
// import some basic types
|
|
import openconfig-inet-types { prefix oc-inet; }
|
|
import openconfig-extensions { prefix oc-ext; }
|
|
import openconfig-aaa-types { prefix oc-aaa-types; }
|
|
import openconfig-types { prefix oc-types; }
|
|
|
|
|
|
// meta
|
|
organization "OpenConfig working group";
|
|
|
|
contact
|
|
"OpenConfig working group
|
|
www.openconfig.net";
|
|
|
|
description
|
|
"This module defines configuration and operational state data
|
|
related to the TACACS+ protocol for authentication,
|
|
authorization, and accounting.";
|
|
|
|
oc-ext:openconfig-version "0.4.1";
|
|
|
|
revision "2018-11-21" {
|
|
description
|
|
"Add OpenConfig module metadata extensions.";
|
|
reference "0.4.1";
|
|
}
|
|
|
|
revision "2017-09-18" {
|
|
description
|
|
"Updated to use OpenConfig types modules";
|
|
reference "0.3.0";
|
|
}
|
|
|
|
revision "2017-07-06" {
|
|
description
|
|
"Move to oc-inet types, add IETF attribution, add RADIUS
|
|
counters, changed password leaf names to indicate hashed";
|
|
reference "0.2.0";
|
|
}
|
|
|
|
revision "2017-01-29" {
|
|
description
|
|
"Initial public release";
|
|
reference "0.1.0";
|
|
}
|
|
|
|
// extension statements
|
|
|
|
// feature statements
|
|
|
|
// identity statements
|
|
|
|
identity TACACS {
|
|
base oc-aaa-types:AAA_SERVER_TYPE;
|
|
description
|
|
"Terminal Access Controller Access Control System (TACACS+)
|
|
AAA server";
|
|
reference
|
|
"The TACACS+ Protocol (draft-ietf-opsawg-tacacs-05)
|
|
RFC 1492 - An Access Control Protocol, Sometimes Called
|
|
TACACS";
|
|
}
|
|
|
|
// typedef statements
|
|
|
|
// grouping statements
|
|
|
|
grouping aaa-tacacs-server-config {
|
|
description
|
|
"Configuration data for a TACACS+ server";
|
|
|
|
leaf port {
|
|
type oc-inet:port-number;
|
|
default 49;
|
|
description
|
|
"The port number on which to contact the TACACS server";
|
|
}
|
|
|
|
leaf secret-key {
|
|
type oc-types:routing-password;
|
|
description
|
|
"The unencrypted shared key used between the authentication
|
|
server and the device.";
|
|
}
|
|
|
|
leaf source-address {
|
|
type oc-inet:ip-address;
|
|
description
|
|
"Source IP address to use in messages to the TACACS server";
|
|
}
|
|
}
|
|
|
|
grouping aaa-tacacs-server-state {
|
|
description
|
|
"Operational state data for a TACACS+ server";
|
|
}
|
|
|
|
grouping aaa-tacacs-server-top {
|
|
description
|
|
"Top-level grouping for TACACS+ sever data";
|
|
|
|
container tacacs {
|
|
description
|
|
"Top-level container for TACACS+ server data";
|
|
|
|
container config {
|
|
description
|
|
"Configuration data for TACACS+ server";
|
|
|
|
uses aaa-tacacs-server-config;
|
|
}
|
|
|
|
container state {
|
|
|
|
config false;
|
|
|
|
description
|
|
"Operational state data for TACACS+ server";
|
|
|
|
uses aaa-tacacs-server-config;
|
|
uses aaa-tacacs-server-state;
|
|
}
|
|
}
|
|
}
|
|
|
|
// data definition statements
|
|
|
|
// augment statements
|
|
|
|
// rpc statements
|
|
|
|
// notification statements
|
|
|
|
}
|