Enable Authorization Commands For Console Line; Configuring Aaa Accounting - HP ProCurve 7000dl Series Basic Management And Configuration Manual

Controlling Management Access to the ProCurve Secure Router
Using the AAA Subsystem to Control Management Access
Assign a Named List That Allows Immediate Entry to the Enable Mode
Context. To assign a named list that allows authorized users to immediately
enter the enable mode context when they start a new CLI session, enter the
following command from the appropriate line configuration mode context:
Syntax: authorization exec [default | <named list>]
Enter default if you configured a default named list or replace <named list>
with the name of the list that you created.

Enable Authorization Commands for Console Line

If you want to configure authorization commands for the console line, you
must enable this capability. From the global configuration mode context,
enter:
Syntax: aaa authorization console
N o t e
Take care when you configure authorization for the console line. If you are
not careful, you may prohibit yourself from entering commands from the
console.
To disable authorization through the console line, enter:
Syntax: no aaa authorization console
By default, authorization commands can be configured for the enable mode
context. To disable authorization for the enable mode context, enter the
following command from the global configuration mode context:
Syntax: no aaa authorization config-command
To reinstate this capability, enter:
Syntax: aaa authorization config-command

Configuring AAA Accounting

If your network includes a TACACS+ server, you can use it to track which
users access the ProCurve Secure Router and the configuration changes that
those users make. When you configure AAA accounting on the ProCurve
Secure Router, it will send configuration information to the TACACS+ server
that you specify.
2-27