HP 5830 Series Configuration Manual page 24

in again, but the commands they can execute have changed. For example, with the user privilege level
3, a user can configure system parameters. After switching to user privilege level 0, the user can execute
only basic commands like ping and tracert and use a few display commands. The switching operation
is effective for the current login. After the user logs in again, the user privilege restores to the original
level.
To avoid problems, HP recommends that administrators log in with a lower privilege level to view switch
operating parameters, and switch to a higher level temporarily only when they must maintain the device.
When administrators must leave for a while or ask someone else to manage the device temporarily, they
can switch to a lower privilege level before they leave to restrict the operation by others.
Configuring the authentication parameters for user privilege level switching
A user can switch to a lower privilege level without authentication. To switch to a higher privilege level,
however, a user must provide the privilege level switching authentication information (if any).
Table 8 shows the privilege level switching authentication modes the device supports.

Table 8 Privilege level switching authentication modes

| Authentication mode | Keywords | Description |
|---|---|---|
| Local password authentication only (local-only) | local | The device uses the locally configured passwords for privilege level switching authentication. To use this mode, you must set the password for privilege level switching using the super password command. |
| Remote AAA authentication through HWTACACS or RADIUS | scheme | The device sends the username and password for privilege level switching to the HWTACACS or RADIUS server for remote authentication. To use this mode, you must perform the following configuration tasks: • Configure the required HWTACACS or RADIUS schemes and configure the ISP domain to use the schemes for users. For more information, see Security Configuration Guide. • Add user accounts and specify the user passwords on the HWTACACS or RADIUS server. |
| Local password authentication first and then remote AAA authentication | local scheme | The device first uses the locally configured passwords for privilege level switching authentication. If no local password is set, the device allows AUX users to switch their privilege levels without authentication, but performs AAA authentication for VTY users. |
| Remote AAA authentication first and then local password authentication | scheme local | AAA authentication is performed first, and if the remote HWTACACS or RADIUS server does not respond or AAA configuration on the device is invalid, the local password authentication is performed. |

To configure the authentication parameters for a user privilege level:

| Step | Command | Remarks |
|---|---|---|
| 1. Enter system view. | system-view | N/A |
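
The following Python audit is an added example, not part of the HP manual: it reads a saved configuration and flags the cases from Table 8 where a local password is required or relied on but absent, including the local scheme case in which AUX users switch levels without authentication. The exact line forms `super authentication-mode ...` and `super password [level N] {cipher|simple} ...`, per-level passwords with a default level of 3, and both sample configurations are assumptions made for this example.

```python
import re

# Assumed Comware line forms; the page names only the "super password" command
# and the mode keywords (local, scheme, local scheme, scheme local).
MODE_RE = re.compile(
    r"^\s*super authentication-mode\s+(local scheme|scheme local|local|scheme)\s*$")
PWD_RE = re.compile(r"^\s*super password(?:\s+level\s+([1-3]))?\s+(?:cipher|simple)\s+\S+")

# Constructed sample configurations (not taken from a real device).
SAMPLE_RISKY = """\
super authentication-mode local scheme
user-interface aux 0
user-interface vty 0 15
"""
SAMPLE_OK = """\
super authentication-mode scheme local
super password level 1 cipher CONSTRUCTED1
super password level 2 cipher CONSTRUCTED2
super password cipher CONSTRUCTED3
"""

def audit_super_auth(config_text):
    """Return (mode, levels that have a local password, findings)."""
    mode, levels = None, set()
    for line in config_text.splitlines():
        m = MODE_RE.match(line)
        if m:
            mode = m.group(1)
            continue
        p = PWD_RE.match(line)
        if p:
            # Assumption: passwords are per level and "level" defaults to 3.
            levels.add(int(p.group(1) or 3))
    missing = [lvl for lvl in (1, 2, 3) if lvl not in levels]
    findings = []
    if mode is None:
        findings.append("INFO: no super authentication-mode line found")
    elif missing and mode == "local":
        findings.append(f"WARN: local mode requires a super password; none for levels {missing}")
    elif missing and mode == "local scheme":
        findings.append(f"HIGH: no local password for levels {missing}; AUX users can "
                        "switch without authentication (VTY users get AAA)")
    elif missing and mode == "scheme local":
        findings.append(f"WARN: fallback to local password has none for levels {missing}")
    return mode, sorted(levels), findings

if __name__ == "__main__":
    for name, cfg in (("risky", SAMPLE_RISKY), ("ok", SAMPLE_OK)):
        print(name, audit_super_auth(cfg))
```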
