HP 3600 v2 Series Configuration Manual page 31
Hide thumbs
Also See for 3600 v2 Series:
- Command reference manual (510 pages) ,
- Configuration manual (441 pages) ,
- Security configuration manual (398 pages)
Table of Contents
Advertisement
Authorization attributes indicate the rights that a user has after passing local authentication.
Authorization attributes include the ACL, idle cut function, user level, user role, user profile, VLAN,
and FTP/SFTP work directory. For more information about authorization attributes, see
"Configuring local user
Every configurable authorization attribute has its definite application environments and purposes.
When you configure authorization attributes for a local user, consider which attributes are needed
and which are not.
You can configure an authorization attribute in user group view or local user view to make the
attribute effective for all local users in the group or only for the local user. The setting of an
authorization attribute in local user view takes precedence over that in user group view.
Local user configuration task list
Task
Configuring local user attributes
Configuring user group attributes
Displaying and maintaining local users and local user groups
Configuring local user attributes
Follow these guidelines when you configure local user attributes:
•
If the user interface authentication mode (set by the authentication-mode command in user
interface view) is AAA (scheme), which commands a login user can use after login depends on the
privilege level authorized to the user. If the user interface authentication mode is password
(password) or no authentication (none), which commands a login user can use after login depends
on the level configured for the user interface (set by the user privilege level command in user
interface view). For an SSH user using public key authentication, which commands are available
depends on the level configured for the user interface. For more information about user interface
authentication mode and user interface command level, see Fundamentals Configuration Guide.
You can configure the user profile authorization attribute in local user view, user group view, and ISP
•
domain view. The setting in local user view has the highest priority, and that in ISP domain view has
the lowest priority. For more information about user profiles, see
You cannot delete a local user who is the only security log manager in the system, nor can you
•
change or delete the security log manager role of the user. To do so, you must specify a new security
log manager first.
To configure local user attributes:
Step
1.
Enter system view.
2.
Add a local user and enter
local user view.
attributes."
Command
system-view
local-user user-name
18
Remarks
Required
Optional
Optional
"Configuring a user
Remarks
N/A
No local user exists by default.
profile."
Advertisement
Table of Contents
Troubleshooting
