# Assign level-0 to the user.
[Switch-luser-manage-test] authorization-attribute user-role level-0
# Remove the default user role network-operator.
[Switch-luser-manage-test] undo authorization-attribute user-role network-operator
[Switch-luser-manage-test] quit
# Set the local authentication password to 654321 for the user role level-3.
[Switch] super password role level-3 simple 654321
[Switch] quit
# Set the local authentication password to 654321 for the user role network-admin.
[Switch] super password role network-admin simple 654321
[Switch] quit
2.
Configure the HWTACACS server:
This example uses ACSv4.0.
a.
Access the User Setup page.
b.
Add a user account test. (Details not shown.)
c.
In the Advanced TACACS+ Settings area, configure the following parameters:
Select Level 3 for the Max Privilege for any AAA Client option.
−
If the target user role is only network-admin for temporary user role authorization, you can
select any level for the option.
Select the Use separate password option, and specify enabpass as the password.
−
35