NimbostratusMultiple AAA authetication groups to TACACS
Currently I authenticate to a TACACS for my read/write account. Anyone who needs to manage the LTM will be added to that group. However I need to give auditor access to a group of users. When I great a local account it doesn't allow me to add a password. I can't add them to the group that I'm in because they will have too much access. How to I get the LTM to authenticate a group of users with an auditor role.
You need to use remote role with your TACACS+ server. Essentially this involves setting up remote roles and eliminating local user accounts. There have been several threads lately about remote authentication via TACACS+ lately. Here's one:
https://devcentral.f5.com/questions/how-to-configure-tacacs-on-cisco-acs-53-for-authenticate-administrative-users-on-ltm-1120
Also, here is some info regarding remote role:
http://support.f5.com/kb/en-us/products/big-ip_ltm/manuals/product/tmos-implementations-11-1-0/16.html
