HP A5830 Series Configuration Manual page 23


After switching to user privilege level 0, the user can only execute simple commands, like ping and tracert, and only a few display commands.

The switching operation is effective for the current login. After the user logs back in, the user privilege restores to the original level.

To avoid problems, HP recommends that administrators log in to the switch by using a lower privilege level and view switch operating parameters. To maintain the switch, administrators can temporarily switch to a higher level.

If the administrators must leave or must ask someone else to temporarily manage the switch, they can switch to a lower privilege level to restrict the operation by others.

Setting the authentication mode for user privilege level switch

A user can switch to a privilege level equal to or lower than the current one unconditionally and is not required to enter a password (if any).

For security, a user is required to enter the password (if any) to switch to a higher privilege level. The authentication falls into one of the following four categories:

| Authentication mode | Meaning | Description |
|---|---|---|
| local | Local password authentication | The switch authenticates a user by using the privilege level switch password entered by the user. When this mode is applied, you must set the password for privilege level switch with the super password command. |
| scheme | Remote AAA authentication through HWTACACS or RADIUS | The switch sends the username and password for privilege level switch to the HWTACACS or RADIUS server for remote authentication. When this mode is applied, you must perform the following configurations: (1) Configure HWTACACS or RADIUS scheme and reference the created scheme in the ISP domain. For more information, see Security Configuration Guide. (2) Create the corresponding user and configure password on the HWTACACS or RADIUS server. |
| local scheme | Performs the local password authentication first and then the remote AAA authentication | The switch authenticates a user by using the local password first, and if no password for privilege level switch is set, for the user logged in from the AUX user interface, the privilege level is switched directly; for the user logged in from a VTY user interface, the AAA authentication is performed. |
| scheme local | Performs remote AAA authentication first and then the local password authentication | AAA authentication is performed first, and if the remote HWTACACS or RADIUS server does not respond or AAA configuration on the switch is invalid, the local password authentication is performed. |

Follow these steps to set the authentication mode for user privilege level switch:
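
The fallback rules in the table above decide when a level switch is checked against a password and when it is not. The following added example (not from the HP manual) audits a saved configuration for the combinations the table calls out. The `super authentication-mode`, `radius scheme` and `hwtacacs scheme` line syntax, the default mode, and the sample configuration are assumptions made for illustration.

```python
import re

# Constructed sample; command syntax is assumed from the Comware CLI, not quoted from this page.
SAMPLE_CONFIG = """\
super authentication-mode local scheme
radius scheme corp-radius
user-interface aux 0
user-interface vty 0 15
"""

MODE_RE = re.compile(
    r"^[ \t]*super authentication-mode[ \t]+((?:local|scheme)(?:[ \t]+(?:local|scheme))?)[ \t]*$",
    re.M,
)
PASSWORD_RE = re.compile(r"^[ \t]*super password\b", re.M)
SCHEME_RE = re.compile(r"^[ \t]*(?:hwtacacs|radius) scheme[ \t]+\S+", re.M)


def audit_super_auth(config):
    """Return (mode, findings) for the privilege level switch settings in a config."""
    match = MODE_RE.search(config)
    # Assumption: with no mode configured, local password authentication applies.
    mode = " ".join(match.group(1).split()) if match else "local"
    has_password = bool(PASSWORD_RE.search(config))
    has_scheme = bool(SCHEME_RE.search(config))
    findings = []
    if mode == "local" and not has_password:
        findings.append("local: no super password is set, but this mode requires one")
    if mode == "local scheme" and not has_password:
        # Per the table: AUX logins are switched directly, VTY logins go to AAA.
        findings.append("local scheme: no super password, so AUX logins switch level "
                        "directly and VTY logins are sent to AAA")
    if mode == "scheme local" and not has_password:
        findings.append("scheme local: the local password fallback has no password set")
    if "scheme" in mode and not has_scheme:
        findings.append(mode + ": no HWTACACS or RADIUS scheme is defined for remote AAA")
    return mode, findings


if __name__ == "__main__":
    mode, findings = audit_super_auth(SAMPLE_CONFIG)
    print("mode:", mode)
    for finding in findings:
        print("finding:", finding)
```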