H3C S5500-HI Series Fundamentals Configuration Manual page 59

If password aging is enabled, make sure passwords for legal users are within the validity period.
•
To configure scheme authentication for modem dial-in users:
Step
1. Enter system view.
2. Enter AUX user
interface view.
Enable scheme
3.
authentication.
4. Enable command
authorization.
5. Enable command
accounting.
6. Exit to system view.
Command
system-view
user-interface aux first-number
[ last-number ]
authentication-mode scheme
command authorization
command accounting
quit
47
Remarks
N/A
N/A
Whether local, RADIUS, or HWTACACS
authentication is adopted depends on
the configured AAA scheme.
By default, no authentication is
performed for modem dial-in users in
non-FIPS mode and scheme
authentication is used in FIPS mode.
Optional.
By default, command authorization is
disabled. The commands available for a
user only depend on the user privilege
level.
If command authorization is enabled, a
command is available only if the user has
the commensurate user privilege level
and is authorized to use the command by
the AAA scheme.
Optional.
By default, command accounting is
disabled. The accounting server does not
record the commands executed by users.
Command accounting allows the
HWTACACS server to record all
executed commands that are supported
by the device, regardless of the
command execution result. This function
helps control and monitor user behaviors
on the device. If command accounting is
enabled and command authorization is
not enabled, every executed command is
recorded on the HWTACACS server. If
both command accounting and
command authorization are enabled,
only the authorized and executed
commands are recorded on the
HWTACACS server.
N/A