Role Default-Role Enable - HPE FlexFabric 5940 Series Fundamentals Command Reference

Parameters
name role-name: Specifies a username. The role-name argument is a case-sensitive string of 1 to
63 characters.
Usage guidelines
You can create a maximum of 64 user roles in addition to the predefined user roles.
You cannot delete the predefined user roles or change the permissions assigned to network-admin,
network-operator, level-15, or security-audit.
You cannot assign the security-audit user role to non-AAA authentication users.
The access permissions of the level-0 to level-14 user roles can be modified through user role rules
and resource access policies. However, you cannot make changes on the predefined access
permissions of these user roles. For example, you cannot change the access permission of these
user roles to the display history-command all command.
Examples
# Create user role role1 and enter its view.
<Sysname> system-view
[Sysname] role name role1
[Sysname-role-role1]
Related commands
display role
interface policy deny
rule
vlan policy deny
vpn-instance policy deny

role default-role enable

Use role default-role enable to enable the default user role feature for remote AAA users.
Use undo role default-role enable to restore the default.
Syntax
role default-role enable [ role-name ]
undo role default-role enable
Default
The default user role feature is disabled. AAA users who do not have a user role cannot log in to the
device.
Views
System view
Predefined user roles
network-admin
Parameters
role-name: Specifies a user role by its name for the default user role. The user role must already
exist. The argument is a case-sensitive string of 1 to 63 characters.
33