У меня ошибка при попытке применить мою конфигурацию GUI tacacs, я пробую эту конфигурацию с другим сервером на localhost, и она работает, но не на моем первом сервере tacacs
/ opt / tacacsgui / tac_plus.cfg_test: 47: Нераспознанное ключевое слово 'host'
Пожалуйста, помогите мне решить эту проблему, это мой tac_plus.cfg:
id = spawnd {
####SPAWND####
listen = { port = 49 }
} ##END OF SPAWND
id = tac_plus { ##START GLOBAL CONFIGURATION
####GENERAL CONFIGURATION####
###MANUAL CONFIGURATION START###
log = accounting_log {
destination = "| /opt/tacacsgui/parser/tacacs_parser.sh accounting"
log separator = "|!|"}
log = authentication_log {
destination = "| /opt/tacacsgui/parser/tacacs_parser.sh authentication"
log separator = "|!|"}
log = authorization_log {
destination = "| /opt/tacacsgui/parser/tacacs_parser.sh authorization"
log separator = "|!|"}
###MANUAL CONFIGURATION END###
accounting log = accounting_log
authentication log = authentication_log
authorization log = authorization_log
connection timeout = 600
context timeout = 3600
password max-attempts = 1
password backoff = 1
separation tag = "*"
skip conflicting groups = yes
skip missing groups = yes
####MAVIS GENERAL SETTINGS####
user backend = mavis
login backend = mavis chpass
pap backend = mavis
mavis module = external {
exec = /opt/tacacsgui/mavis/app.php
} #END OF MAVIS GLOBAL SETTINGS
####LIST OF ACL####
####LIST OF DEVICE GROUPS####
host = defaultGroup {
welcome banner = "Unauthorized access is prohibited!"
motd banner = "Today is a perfect day! Have a nice day!"
failed authentication banner = "Go away! Unauthorized access is prohibited!"
} #END OF defaultGroup
host = datacomm {
key = "telkomcel"
enable = clear telkomcel
default group = datacomm_full
} #END OF datacomm
host = servicesolution {
key = "telkomcel"
enable = clear telkomcel
} #END OF servicesolution
####LIST OF HOSTS####
host = SW-CORE2 {
address = "192.168.101.12/32"
key = "telkomcel"
enable = clear telkomcel
template = datacomm
} #END OF SW-CORE2
host = PE2-INET-AIM {
address = "192.168.101.10/32"
key = "telkomcel"
enable = clear telkomcel
template = servicesolution
} #END OF PE2-INET-AIM
host = SRDLI02 {
address = "192.168.101.14/32"
key = "telkomcel"
enable = clear telkomcel
template = datacomm
} #END OF SRDLI02
####LIST OF USER GROUPS####
group = datacomm_full {
#### LDAP Groups List #### DistinguishedName ###
### CN=Users,CN=Builtin,DC=telkomcel,DC=tl ###
enable = clear telkomcel
default service = permit
###Service full START###
service = shell {
set priv-lvl = 15
default attribute = permit
default cmd = permit
} #END OF Cisco Router/Switch Service
###Service full END###
} #END OF datacomm_full
group = servicesolution_full {
#### LDAP Groups List #### DistinguishedName ###
### CN=Users,CN=Builtin,DC=telkomcel,DC=tl ###
enable = clear telkomcel
server = deny SW-CORE2
server = deny SRDLI02
default service = permit
###Service full START###
service = shell {
set priv-lvl = 15
default attribute = permit
default cmd = permit
} #END OF Cisco Router/Switch Service
###Service full END###
} #END OF servicesolution_full
group = servicesolution_read {
#### LDAP Groups List #### DistinguishedName ###
### CN=Users,CN=Builtin,DC=telkomcel,DC=tl ###
enable = clear telkomcel
server = deny SW-CORE2
server = deny SRDLI02
default service = permit
###Service read_only START###
service = shell {
set priv-lvl = 3
default attribute = permit
default cmd = permit
} #END OF Cisco Router/Switch Service
###Service read_only END###
} #END OF servicesolution_read
group = datacomm_read {
#### LDAP Groups List #### DistinguishedName ###
### CN=Users,CN=Builtin,DC=telkomcel,DC=tl ###
enable = clear telkomcel
default service = permit
###Service read_only START###
service = shell {
set priv-lvl = 3
default attribute = permit
default cmd = permit
} #END OF Cisco Router/Switch Service
###Service read_only END###
} #END OF datacomm_read
####LIST OF USERS####
user = 91007 {
login = mavis # LDAP
member = datacomm_read
pap = login # Clone login
enable = login # Clone login
default service = permit
###Service full START###
service = shell {
set priv-lvl = 15
default attribute = permit
default cmd = permit
} #END OF Cisco Router/Switch Service
###Service full END###
} #END OF 91007
user = 88014 {
login = mavis # LDAP
member = datacomm_read
pap = login # Clone login
enable = login # Clone login
default service = permit
###Service read_only START###
service = shell {
set priv-lvl = 3
default attribute = permit
default cmd = permit
} #END OF Cisco Router/Switch Service
###Service read_only END###
} #END OF 88014
user = 82001 {
login = mavis # LDAP
member = servicesolution_full
pap = login # Clone login
enable = login # Clone login
default service = permit
### GET SERVICES FROM GROUP
} #END OF 82001
user = 94003 {
login = mavis # LDAP
member = servicesolution_full
pap = login # Clone login
enable = login # Clone login
default service = permit
### GET SERVICES FROM GROUP
} #END OF 94003
user = 89014 {
login = mavis # LDAP
member = datacomm_full
pap = login # Clone login
enable = login # Clone login
default service = permit
### GET SERVICES FROM GROUP
} #END OF 89014
user = 18001 {
login = mavis # LDAP
member = servicesolution_read
pap = login # Clone login
enable = login # Clone login
default service = permit
### GET SERVICES FROM GROUP
} #END OF 18001
}##END GLOBAL CONFIGURATION
, пожалуйста, помогите, как я могу решить эту проблему без переустановки сервера tacacs