Table Of Contents
A
aaa accounting enable
aaa accounting event
aaa accounting server remote
aaa authentication server remote
aaa policy system
address (aaa-accounting)
address (aaa-authentication)
authentication-order (aaa-policy)
authorization merge-attributes (aaa-policy)
A
Last Updated: November 17, 2010
aaa accounting enable
To enable or disable the recording of AAA accounting events, use the aaa accounting enable command in Cisco UMG configuration mode. Use the no or default form of this command to restore the default setting (AAA accounting is disabled).
aaa accounting enable
no aaa accounting enable
default aaa accounting enable
Syntax Description
This command has no arguments or keywords.
Command Default
The recording of AAA accounting events is disabled.
Command Modes
Cisco UMG configuration (config)
Command History
Cisco UMG Version | Modification
8.0 | This command was introduced.
Usage Guidelines
When accounting is disabled, no accounting records are generated, including records sent to the syslog. Therefore, all accounting data that is locally cached is discarded and new accounting events are not recorded.
Examples
The following example disables AAA accounting:
umg-1# config t
umg-1(config)# default aaa accounting enable
Related Commands
aaa accounting event
To enter AAA accounting event submode and configure event filtering for accounting packets, use the aaa accounting event command in Cisco UMG configuration mode.
aaa accounting event
Syntax Description
This command has no arguments or keywords.
Command Default
None.
Command Modes
Cisco UMG configuration (config)
Command History
Cisco UMG Version | Modification
8.0 | This command was introduced.
Usage Guidelines
In AAA accounting submode you can enable/disable the logging of:
• Configuration mode commands
• EXEC mode commands
• Failed login attempts
• Login events
• Logout events
• System startup events
• System shutdown events
Examples
The following example shows how to enter AAA accounting submode:
umg-1# config t
umg-1(config)# aaa accounting event
umg-1(aaa-accounting-event)# login
Related Commands
aaa accounting server remote
To enter AAA accounting submode and configure the AAA accounting server, use the aaa accounting server remote command in Cisco UMG configuration mode. Use the no or default form of this command to delete the AAA configuration.
aaa accounting server remote
no aaa accounting server remote
default aaa accounting server remote
Syntax Description
This command has no arguments or keywords.
Command Default
No AAA accounting information is configured.
Command Modes
Cisco UMG configuration (config)
Command History
Cisco UMG Version | Modification
8.0 | This command was introduced.
Usage Guidelines
After using this command to enter AAA accounting submode, you can configure the following AAA accounting server properties:
• IP address or fully qualified domain name of the accounting server
• Maximum number of times an accounting request is retried before the accounting fails
• Number of seconds to wait before a request is considered to be unanswered
Examples
The following example sets the AAA accounting timeout to 10 seconds:
umg-1# config t
umg-1(config)# aaa accounting server remote
umg-1(aaa-accounting)# timeout 10
Related Commands
aaa authentication server remote
To enter AAA authentication submode and configure the AAA authentication server, use the aaa authentication server remote command in Cisco UMG configuration mode. Use the no or default form of this command to delete the AAA configuration.
aaa authentication server remote
no aaa authentication server remote
default aaa authentication server remote
Syntax Description
This command has no arguments or keywords.
Command Default
No AAA authentication information is configured.
Command Modes
Cisco UMG configuration (config)
Command History
Cisco UMG Version | Modification
8.0 | This command was introduced.
Usage Guidelines
After using this command to enter AAA authentication submode, you can configure the following AAA server authentication properties:
• IP address or fully qualified domain name of the authentication server
• Maximum number of times an authentication request is retried before the authentication fails
• Number of seconds to wait before a request is considered to be unanswered
Examples
The following example sets the AAA authentication timeout to 10 seconds:
umg-1# config t
umg-1(config)# aaa authentication server remote
umg-1(aaa-authentication)# timeout 10
Related Commands
aaa policy system
To enter AAA policy submode and configure the system AAA policy, use the aaa policy system command in Cisco UMG configuration mode. Use the no form of this command to restore the commands in this submode to their default values.
aaa policy system
no aaa policy system
Syntax Description
This command has no arguments or keywords.
Defaults
No AAA policy is configured.
Command Modes
Cisco UMG configuration (config)
Command History
Cisco UMG Version | Modification
8.0 | This command was introduced.
Usage Guidelines
The AAA policy controls the behavior of authentication and authorization.
Examples
The following example sets the authorization merge attributes of the AAA policy:
umg-1(config)# aaa policy system
umg-1(aaa-policy)# authorization merge-attributes
Related Commands
address (aaa-accounting)
To define the access parameters for the AAA accounting server, use the address command in Cisco UMG AAA accounting configuration mode. Use the no form of this command to remove the server definition.
address address [port port] {secret string | credentials hidden hidden}
no address address [port port] {secret string | credentials hidden hidden}
Syntax Description
address | IP address or fully qualified domain name of the accounting server.
port port | (Optional) Port that will receive AAA accounting traffic. The default value is 1813.
secret string | Unencrypted shared secret used to access the server and encrypt sensitive information, such as the user's password. You must configure the secret on both the AAA server and Cisco UMG with the same value. RADIUS servers do not accept packets from clients that they do not share a secret with. You must enter the secret in clear text.
credentials hidden hidden | Encrypted shared secret used to access the server and encrypt sensitive information, such as the user's password. This secret is encrypted when displayed. You must configure the secret on both the AAA server and Cisco UMG with the same value. RADIUS servers do not accept packets from clients that they do not share a secret with.
Defaults
No AAA accounting server is configured.
Command Modes
Cisco UMG AAA accounting configuration (aaa-accounting)
Command History
Cisco UMG Version | Modification
8.0 | This command was introduced.
Usage Guidelines
You can configure up to two server addresses to provide failover functionality when the first address is unreachable. This is done by entering this CLI multiple times for each server.
Examples
The following example configures an AAA accounting server with an IP address of 10.20.20.1:
umg-1# config t
umg-1(config)# aaa accounting server remote
umg-1(aaa-accounting)# address 10.20.20.1 secret "GixGRq8cUmGIZDg9c8oX9EnfGWTYHfmPSd8ZZNgd+Y9J3xlk2B35j0nfGWTYHfmPSd8ZZNgd+Y9J3xlk2B35j0nfGWTYHfmPSd8ZZNgd+Y9J3xlk2B35j0nfGWTYHfmP"
Related Commands
address (aaa-authentication)
To define the access parameters for the AAA authentication server, use the address command in Cisco UMG AAA authentication configuration mode. Use the no form of this command to remove the server definition.
address address [port port] {secret string | credentials hidden hidden}
no address address [port port] {secret string | credentials hidden hidden}
Syntax Description
address | IP address or fully qualified domain name of the authentication server.
port port | (Optional) Port that will receive AAA authentication traffic. The default value is 1812.
secret string | Shared secret used to access the server and encrypt sensitive information, such as the user's password. You must configure the secret on both the AAA server and Cisco UMG with the same value. RADIUS servers do not accept packets from clients that they do not share a secret with. You must enter the secret in clear text.
credentials hidden hidden | Encrypted shared secret used to access the server and encrypt sensitive information, such as the user's password. This secret is encrypted when displayed. You must configure the secret on both the AAA server and Cisco UMG with the same value. RADIUS servers do not accept packets from clients that they do not share a secret with.
Defaults
No AAA authentication server is configured.
Command Modes
Cisco UMG AAA authentication configuration (aaa-authentication)
Command History
Cisco UMG Version | Modification
8.0 | This command was introduced.
Usage Guidelines
You can configure up to two server addresses to provide failover functionality when the first address is unreachable. This is done by entering this CLI multiple times for each server. All servers configured with this CLI are assumed to have the same user database so authentication failover will not traverse this list of servers if a user is not successfully authenticated.
When you view the configuration of the AAA accounting server using the show running-config command or show startup-config command, the hidden credentials are not displayed in clear text.
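A check that can be run over a saved command script before it is applied, added here as an example (not Cisco code): it flags accounting left at its disabled default, a shared secret given with the clear-text secret keyword, and a server list with no failover address. The sample script, its addresses and its secret values are constructed.

```python
import re

# Constructed sample: bare commands in the syntax documented on this page.
# Addresses and secret values are made up for the example.
SAMPLE = """\
aaa accounting server remote
address 10.20.20.1 secret "example-shared-secret"
aaa authentication server remote
address 10.20.20.1 credentials hidden "EXAMPLE-HIDDEN-VALUE"
address 10.20.20.2 port 1812 credentials hidden "EXAMPLE-HIDDEN-VALUE"
"""

PROMPT = re.compile(r"^\S+#\s*")  # strips a leading "umg-1(config)# "
SUBMODE = re.compile(r"^(no |default )?aaa (accounting|authentication) server remote$")
ADDRESS = re.compile(r"^address (\S+)(?: port \d+)? (secret|credentials hidden) ")

def audit(text):
    """Return sorted findings for a script of UMG AAA commands."""
    servers = {"accounting": [], "authentication": []}
    accounting_on = False  # documented default: recording is disabled
    mode, findings = None, []
    for raw in text.splitlines():
        line = PROMPT.sub("", raw.strip())
        if line == "aaa accounting enable":
            accounting_on = True
        elif line in ("no aaa accounting enable", "default aaa accounting enable"):
            accounting_on = False
        elif m := SUBMODE.match(line):
            if m.group(1):  # no/default form deletes the server configuration
                servers[m.group(2)], mode = [], None
            else:
                mode = m.group(2)
        elif line.startswith("aaa "):
            mode = None  # some other configuration-mode command
        elif mode and (m := ADDRESS.match(line)):
            host, form = m.groups()
            servers[mode].append(host)
            if form == "secret":
                findings.append(f"{mode}: shared secret for {host} is in clear text")
    if not accounting_on:
        findings.append("accounting: recording of events is disabled")
    for kind, hosts in servers.items():
        if len(hosts) == 1:
            findings.append(f"{kind}: only one server, no failover address")
    return sorted(findings)
```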
Examples
The following example configures an AAA authentication server with an IP address of 10.20.20.1:
umg-1# config t
umg-1(config)# aaa authentication server remote
umg-1(aaa-authentication)# address 10.20.20.1 secret "GixGRq8cUmGIZDg9c8oX9EnfGWTYHfmPSd8ZZNgd+Y9J3xlk2B35j0nfGWTYHfmPSd8ZZNgd+Y9J3xlk2B35j0nfGWTYHfmPSd8ZZNgd+Y9J3xlk2B35j0nfGWTYHfmP"
Related Commands
authentication-order (aaa-policy)
To specify the order in which to query the remote authentication servers and local authentication database, use the authentication-order command in Cisco UMG AAA policy configuration mode. Use the no or default form of this command to return the authentication order to "local only."
authentication-order {remote [local] | local [remote]}
no authentication-order
default authentication-order
Syntax Description
remote | Query the remote authentication servers
local | Query the local authentication database
Defaults
Local authentication only (authentication-order local)
Command Modes
Cisco UMG AAA policy configuration (aaa-policy)
Command History
Cisco UMG Version | Modification
8.0 | This command was introduced.
Usage Guidelines
You can configure any of the following modes of querying the remote authentication servers and local authentication database.
• Local authentication database only
• Local authentication database, then remote authentication servers
• Remote authentication servers only
• Remote authentication servers, then local authentication database
In any case, if an attribute exists only on the AAA server or locally, the attribute is selected and used.
Examples
The following example configures AAA to query the authentication servers only:
umg-1(config)# aaa policy system
umg-1(aaa-policy)# authentication-order remote
Related Commands
authorization merge-attributes (aaa-policy)
To specify whether the user attributes that are retrieved from an AAA server will be merged with attributes for the same username found in the local user database, use the authorization merge-attributes command in Cisco UMG AAA policy configuration mode. Use the no or default form of this command to restore the default value.
authorization merge-attributes
no authorization merge-attributes
default authorization merge-attributes
Syntax Description
This command has no arguments or keywords.
Defaults
Default remote attributes are merged with local attributes.
Command Modes
Cisco UMG AAA policy configuration (aaa-policy)
Command History
Cisco UMG Version | Modification
8.0 | This command was introduced.
Usage Guidelines
When the merge-attributes feature is enabled and a user attribute list exists on both the AAA server and the local user database, the local and remote AAA server attribute lists are combined and duplicates are eliminated. If the same scalar user attribute is present on the AAA server and local user database, a merge is not possible and the attribute from the AAA server is selected.
When the merge-attributes feature is disabled, the user attributes from the AAA server are always selected over local user database attributes if the same attribute is defined for both locations.
In either case, if an attribute exists only on the AAA server or locally, the attribute is selected and used.
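The selection rules above, modelled in Python as an added example (not Cisco code), with a helper that lists what a user keeps purely because of the local user database, which is what to review after a change on the AAA server. Attribute names and values are hypothetical; the order of a merged list and the handling of a list/scalar mismatch are assumptions the page does not specify.

```python
# Constructed sample data; attribute names and values are hypothetical.
LOCAL = {"groups": ["operators", "admins"], "language": "en",
         "fullname": "Pat Example"}
REMOTE = {"groups": ["operators"], "language": "fr"}

def effective_attributes(local, remote, merge=True):
    """Apply the documented rules; values are scalars or lists."""
    result = {}
    for name in sorted(local.keys() | remote.keys()):
        if name not in remote:
            result[name] = local[name]    # exists only locally: used
        elif name not in local:
            result[name] = remote[name]   # exists only on the AAA server: used
        elif (merge and isinstance(local[name], list)
              and isinstance(remote[name], list)):
            combined = []                 # assumption: remote values listed first
            for value in remote[name] + local[name]:
                if value not in combined: # duplicates are eliminated
                    combined.append(value)
            result[name] = combined
        else:
            # Scalar on both sides, or merging disabled: the AAA server wins.
            # Assumption: a list/scalar mismatch is treated the same way.
            result[name] = remote[name]
    return result

def local_only_grants(local, remote, merge=True):
    """Return what takes effect only because of the local user database."""
    kept = {}
    for name, value in effective_attributes(local, remote, merge).items():
        if name not in remote:
            kept[name] = value
        elif isinstance(value, list):
            extra = [v for v in value if v not in remote[name]]
            if extra:
                kept[name] = extra
    return kept

if __name__ == "__main__":
    for merge in (True, False):
        print(merge, effective_attributes(LOCAL, REMOTE, merge),
              local_only_grants(LOCAL, REMOTE, merge))
```

With merging enabled, the sample user keeps the "admins" value from the local list even though the AAA server no longer returns it; with merging disabled only the attribute that exists solely in the local database remains.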
Examples
The following example enables the merge-attributes feature:
umg-1(config)# aaa policy system
umg-1(aaa-policy)# authorization merge-attributes
Related Commands