Download Print this page

HP A5830 Series Configuration Manual page 37

Hide thumbs Also See for A5830 Series:

Configuration manual (280 pages)

,

Command reference manual (249 pages)

,

Configuration manual (207 pages)

Table Of Contents

page of 152

/ 152
Contents
Table of Contents
Bookmarks

Table of Contents

Advertisement

Task...

3.

Specify

the

authentication mode.

4.

Enable command authorization.

5.

Enable command accounting.

6.

Return to system view.

7.

Configure

a.

the

authenticati

on mode.

b.

Command...

scheme

authentication-mode

scheme

command

authorization

command accounting

quit

Enter the

ISP

domain domain-name

domain

view.

authentication default

Apply the

{ hwtacacs-scheme

specified

hwtacacs-scheme-

AAA

name [ local ] | local

scheme

| none | radius-

to

the

scheme radius-

domain.

scheme-name

[ local ] }

30

Remarks

Required.

Whether local, RADIUS, or HWTACACS

authentication is adopted depends on the

configured AAA scheme.

By default, users that log in through the console

port are not authenticated.

Optional.

•

By default, command authorization is not

enabled.

•

By default, the command level depends on the

user privilege level. A user is authorized a

command level not higher than the user

privilege level. With command authorization

enabled, the command level for a login user is

determined by both the user privilege level and

AAA authorization. If a user executes a

command of the corresponding command

level, the authorization server checks whether

the command is authorized. If it is, the

command can be executed.

Optional.

•

By default, command accounting is disabled.

The accounting server does not record the

commands executed by users.

•

Command accounting allows the HWTACACS

server to record all commands executed by

users, regardless of command execution results.

This helps control and monitor user operations

on the device. If command accounting is

enabled and command authorization is not

enabled, every executed command is recorded

on the HWTACACS server. If both command

accounting and command authorization are

enabled, only the authorized and executed

commands are recorded on the HWTACACS

server.

—

Optional.

By default, the AAA scheme is local.

If you specify the local AAA scheme, you must

perform local user configuration. If you specify an

existing scheme by providing the radius-scheme-

name argument, perform the following

configuration as well:

•

For RADIUS and HWTACACS configuration,

see Security Configuration Guide.

•

Configure the username and password on the

AAA server. (For more information, see Security

Table of Contents

Advertisement

Table of Contents

Related Products for HP A5830 Series