[c-nsp] n5k caches usernames logged in
Jared Mauch
jared at puck.nether.net
Tue Sep 21 10:20:54 EDT 2010
I despise hidden configuration items like those reported here. Either it's a local user in the config or not. Looks like a bug or architecture flaw.
Jared Mauch
On Sep 21, 2010, at 9:24 AM, Tassos Chatzithomaoglou <achatz at forthnet.gr> wrote:
>
>
> Lincoln Dale wrote on 20/09/2010 05:20:
>> On 19/09/2010, at 10:12 PM, Tassos Chatzithomaoglou wrote:
>>
>>
>>> I noticed that when a remote user logs into a n5k and then logs out, the "show user-account" command still displays the user credentials.
>>> Waiting for some time or clearing manually the user from config mode (?), fixes the above.
>>> Is there a timer for such cached entries that can be changed? Is it possible to disable this caching?
>>>
>> i'm not sure why you feel this to be an issue? if the user is provided from AAA then the AAA server will still be consulted for the authentication/authorization/roles etc.
>>
> Maybe it's not an issue.
> The output of "show user-account" gets cluttered with all the users that have logged into the n5k in the past.
> Since this isn't documented anywhere, i found it strange.
> Also having to clear the username from config mode, while "sh run" doesn't include the username, is even more strange.
>
> n5k(config)# username test role network-admin
> user:test account is already created through remote authentication.
> Please first delete that account using "no" option.
>
>
> --
> Tassos
>
> _______________________________________________
> cisco-nsp mailing list cisco-nsp at puck.nether.net
> https://puck.nether.net/mailman/listinfo/cisco-nsp
> archive at http://puck.nether.net/pipermail/cisco-nsp/
More information about the cisco-nsp
mailing list