Rbac Configuration Examples; Rbac Configuration Example For Local Aaa Authentication Users - HPE FlexFabric 5940 Series Configuration Manual
Fundamentals configuration guide
Hide thumbs
Also See for FlexFabric 5940 Series:
- Security configuration manual (571 pages) ,
- Configuration manual (334 pages) ,
- Fundamentals command reference (289 pages)
Table of Contents
Advertisement
Task
Display user role feature
information.
Display user role feature group
information.
RBAC configuration examples
RBAC configuration example for local AAA authentication
users
Network requirements
As shown in
account for the Telnet user is user1@bbb and is assigned user role role1.
Configure role1 to have the following permissions:
•
Can execute the read commands of any feature.
•
Cannot configure any VLAN except VLANs 10 to 20.
Figure 2 Network diagram
Configuration procedure
# Assign an IP address to VLAN-interface 2 (the interface connected to the Telnet user).
<Switch> system-view
[Switch] interface vlan-interface 2
[Switch-Vlan-interface2] ip address 192.168.1.70 255.255.255.0
[Switch-Vlan-interface2] quit
# Enable Telnet server.
[Switch] telnet server enable
# Enable scheme authentication on the user lines for Telnet users.
[Switch] line vty 0 63
[Switch-line-vty0-63] authentication-mode scheme
[Switch-line-vty0-63] quit
# Enable local authentication and authorization for ISP domain bbb.
[Switch] domain bbb
[Switch-isp-bbb] authentication login local
[Switch-isp-bbb] authorization login local
[Switch-isp-bbb] quit
# Create user role role1.
[Switch] role name role1
# Configure rule 1 to permit the user role to access the read commands of all features.
Command
display role feature [ name feature-name | verbose ]
display role feature-group [ name feature-group-name ] [ verbose ]
Figure
2, the switch performs local AAA authentication for the Telnet user. The user
29
Hide quick links:
Advertisement
Table of Contents
Troubleshooting
