H3C SR6600 Fundamentals Configuration Manual page 54
Hide thumbs
Also See for SR6600:
- Command reference manual (265 pages) ,
- Configuration manual (145 pages) ,
- Manual (80 pages)
Table of Contents
Advertisement
To do...
Enable command authorization
Enable command accounting
Exit to system view
Enter the default ISP
domain view
Specify the AAA
scheme to be applied to
the domain
Configure
the
authentic
ation
mode
Exit to system view
Create a local user and enter local
user view
Use the command...
command authorization
command accounting
quit
domain domain-name
authentication default
{ hwtacacs-scheme
hwtacacs-scheme-name [ local ]
| local | none | radius-scheme
radius-scheme-name [ local ] }
quit
local-user user-name
3-43
Remarks
Optional
By default, command authorization
is not enabled.
Create a HWTACACS scheme,
and specify the IP address of
the authorization server and
other authorization parameters.
For more information, see AAA
in the Security Configuration
Guide.
Reference
the
HWTACACS scheme in the ISP
domain. For more information,
see
AAA
in
the
Configuration Guide.
Optional
By
default,
accounting is disabled. The
accounting server does not
record the commands executed
by users.
Command accounting allows
the
HWTACACS
record all executed commands
that are supported by the
device,
regardless
command execution result. This
helps control and monitor user
operations on the device. If
command
accounting
enabled
and
authorization is not enabled,
every executed command is
recorded on the HWTACACS
server.
If
both
accounting
and
authorization are enabled, only
the authorized and executed
commands are recorded on the
HWTACACS server.
—
Optional
By default, the AAA scheme is
local.
If you specify the local AAA
scheme, perform the configuration
concerning local user as well. If you
specify an existing scheme by
providing the radius-scheme-name
argument, perform the following
configuration as well:
For RADIUS and HWTACACS
configuration, see AAA in the
Security Configuration Guide.
Configure the username and
password accordingly on the
AAA
server.
(For
information, see AAA in the
Security Configuration Guide.)
By default, no local user exists.
created
Security
command
server
to
of
the
is
command
command
command
more
Advertisement
Table of Contents
