Note: this TACACS server is not being supported (i.e. bugfixed or enhanced.) And in fact there is a known bug in it: the check for expired password is no good (see [.to-do] for more details on this.) You may want to get Yehavi Bourvine's (presumably more capable) XTACACS for VMS instead - should be somewhere on ftp.cisco.com. Cheers, Aaron Aaron Leonard MultiNet-VMS@Support.TGV.COM [ work ] Leonard@Leonard.Tucson.AZ.US [ home ] leonard@arizona.edu [ formerly ] --- [tacacs] This is a Tacacs authentication server for VMS+MultiNet. It was written to be used in conjunction with a cisco terminal server and has not been tested in any other application. Note that the Tacacs protocol sends passwords over the net as plain text. Thus this authentication server should not be looked at as providing any particularly serious level of security. To build: $ @MakeIt VMS V5.4 or better is required, because the $HASH_PASSWORD system service is employed. Records are stored in a SYSUAF-format ISAM file, and can be manipulated with the usual AUTHORIZE utility. (See ADD-A-RECORD.COM for an example of how this can be done.) Create user records with some given user name and password. The Tacacs server will return success if a matching record is found, as long as it's not DISUSER'd or has an expired password. Edit the file START-TACACS.COM to reflect your site-specific directories and logging preferences. START-TACACS.COM should be invoked at system startup time, following START_MULTINET. Thanks to Greg Satz of cisco Systems for providing the Unix version of the Tacacs server from which this was adapted. Send suggestions, bug reports, enhancements, etc. to me ... Aaron Aaron Leonard University of Arizona