Assigning User Roles To Non-Aaa Authentication Users On User Lines; Configuring Temporary User Role Authorization; Configuration Guidelines - HP FlexFabric 7900 Series Configuration Manual

Hide thumbs Also See for FlexFabric 7900 Series:

Command reference manual (294 pages)

Installation manual (58 pages)

Command reference manual (237 pages)

Table Of Contents

100

101

102

103

104

105

106

107

108

109

110

111

112

113

114

115

116

117

118

119

120

121

122

123

124

125

126

127

128

129

130

131

132

133

134

135

136

137

138

139

140

141

142

143

144

145

146

147

148

149

150

151

152

153

154

155

156

157

158

159

160

161

162

163

164

165

Table of Contents

Step

Authorize the user to have a

user role.

Assigning user roles to non-AAA authentication users on user

lines

Specify user roles for the following two types of login users on the user lines:

Users who use password authentication or no authentication.

•

SSH clients that use publickey or password-publickey authentication. User roles assigned to these

SSH clients are specified in their respective device management user accounts.

For more information about user lines, see

information about SSH, see Security Configuration Guide.

To assign a user role to non-AAA authentication users on a user line:

Step

Enter system view.

Enter user line view or user

line class view.

Specify a user role on the

user line.

Configuring temporary user role authorization

Temporary user role authorization allows you to obtain a temporary user role without reconnecting to the

device. This function is useful when you want to use a user role temporarily to configure a feature.

Temporary user role authorization is effective only on the current login. It does not change the user role

settings in the user account that you have been logged in with. The next time you are logged in with the

user account, the original user role settings take effect.

Configuration guidelines

When you configure temporary user role authorization, follow these guidelines:

Command

authorization-attribute user-role

role-name

"Login

overview" and

Command

system-view

•

To enter user line view:

line { first-num1 [ last-num1 ] |

{ aux | vty } first-num2

[ last-num2 ] }

•

To enter user line class view:

line class { aux | vty }

user-role role-name

Remarks

Repeat this step to assign the user to up

to 64 user roles.

By default, network-operator is

assigned to local users created by a

network-admin or level-15 user.

"Logging in to the

CLI." For more

Remarks

N/A

For information about the priority

order and application scope of the

configurations in user line view and

user line class view, see

"Logging in to

the

CLI."

Repeat this step to specify up to 64

user roles on a user line.

By default, network-admin is specified

on the AUX user line, and

network-operator is specified on any

other user lines.

Table of Contents

Assigning User Roles To Non-Aaa Authentication Users On User Lines; Configuring Temporary User Role Authorization; Configuration Guidelines - HP FlexFabric 7900 Series Configuration Manual

Configuring temporary user role authorization

Configuration guidelines

Troubleshooting

Related Manuals for HP FlexFabric 7900 Series

Related Content for HP FlexFabric 7900 Series

Table of Contents