Citrix Gateway

Clear Config Basic Must Not Clear TACACS Config

This topic focuses on not clearing all RBA (Role Based Access) related configurations when the clear config command is run.

The current clear config command is performed in one of three levels:

  • Basic
  • Extended
  • Full

Based on the level, Citrix ADC configurations are cleared and reset to the factory default.

The command used is;

clear ns config [-force] <level>
<!--NeedCopy-->

The new command adds a knob to allow/deny the deletion of all RBA related configurations.

New Command

Described are the Clear RBA config features:

  1. YES/NO knob with Default: YES.

    The admin decides whether to retain the RBA config or not.

  2. ONLY the BASIC LEVEL of clear config is supported.

  3. The following configurations not cleared:

    • Add/bind system user/group.

    • Add cmd policy.

    • TACACS commands (add TACACS action/policy).

    • Bind system global

    Note: TACACS related config (action/policy) is preserved if the policy is bound to the system global or else it is cleared

CLI Configuration

The command used is;

clear config [–force] <level> [-RBAconfig]
<!--NeedCopy-->

By default it is set to YES, and clears the configurations based on the level.

If –RBAconfig is set to NO, the RBA related config is retained. The following is included:

  • Add /bind system user /group
  • Bind system global
  • TACACS related commands (add TACACS action/policy)
  • Add cmd policy
Clear Config Basic Must Not Clear TACACS Config