Troubleshooting guide
(DRAFT LABEL) FINAL DRAFT - CISCO CONFIDENTIAL 2/13/02
B-3
ATM and Layer 3 Switch Router Troubleshooting Guide
OL-1969-01
Appendix Troubleshooting TACACS+ and Recovering Passwords
Troubleshooting TACACS+ Problems
Daemon Is Not Up and Running
Symptom: The TACACS+ daemon is not running.
Table B-3 outlines possible problems and describes solutions.
Daemon Does Not Run
Symptom: The TACACS+ daemon does not run when invoked.
Table B-4 outlines possible problems and describes solutions.
Table B-3 TACACS+: Daemon Is Not Up and Running
Possible Problem Solution
TACACS+ has not been launched Launch TACACS+ with the tac_plus -C configuration filename command.
TACACS+ is not specified in the
/etc/services file
1. Check the /etc/services file for the following line:
tacacs 49/tcp
2. This line must be included in the file. If the line is not present, add the line to
the file.
The tac_plus executable does not exist The TACACS+ daemon cannot run if the tac_plus executable does not exist.
1. Check the directory where you installed tac_plus.2.1 to see if the tac_plus file
exists.
2. If the file does not exist, use the make tac_plus command to compile tac_plus.
Table B-4 TACACS+: Daemon Does Not Run
Possible Problem Solution
TACACS+ configuration file is not
present
1. Check the directory in which you installed TACACS+ for a configuration file
in the TACACS+ format.
2. If there is no TACACS+ configuration file present and you are upgrading from
XTACACS, convert your password file into a configuration file by issuing the
following command:
unix_host% convert.pl /etc/passwd > configuration-file
The configuration file can have any name you want.
3. If there is no TACACS+ configuration file present, create one by using a text
editor. At a minimum, the configuration file must contain the following text:
user = userid {
login = cleartext “passwd”
}
The configuration file can be given any name.
For more information, refer to the user guide located in the tac_plus.2.1 directory.