[c-nsp] n5k caches usernames logged in
Tassos Chatzithomaoglou
achatz at forthnet.gr
Tue Sep 21 09:24:07 EDT 2010
Lincoln Dale wrote on 20/09/2010 05:20:
> On 19/09/2010, at 10:12 PM, Tassos Chatzithomaoglou wrote:
>
>
>> I noticed that when a remote user logs into a n5k and then logs out, the "show user-account" command still displays the user credentials.
>> Waiting for some time or clearing manually the user from config mode (?), fixes the above.
>> Is there a timer for such cached entries that can be changed? Is it possible to disable this caching?
>>
> i'm not sure why you feel this to be an issue? if the user is provided from AAA then the AAA server will still be consulted for the authentication/authorization/roles etc.
>
Maybe it's not an issue.
The output of "show user-account" gets cluttered with all the users that
have logged into the n5k in the past.
Since this isn't documented anywhere, i found it strange.
Also having to clear the username from config mode, while "sh run"
doesn't include the username, is even more strange.
n5k(config)# username test role network-admin
user:test account is already created through remote authentication.
Please first delete that account using "no" option.
--
Tassos
More information about the cisco-nsp
mailing list