TACACS+ servers

TACACS+ is a remote authentication protocol that provides access control for routers, network access servers, and other network devices through one or more centralized servers.

FortiOS sends the following proprietary TACACS+ attributes to the TACACS+ server during authorization requests:

Attribute

Description

service=<name>

User must be authorized to access the specified service.

memberof

Group that the user belongs to.

admin_prof

Administrator profile (admin access only).

Note

Only memberof and admin_prof attributes are parsed in authentication replies.