Configuration Guide (Supporting R2.2.0.0) Owner's manual
858 Brocade 6910 Ethernet Access Switch Configuration Guide
53-1002651-02
42
AAA Authentication, Authorization and Accounting
FIGURE 179 Displaying Statistics for AAA Accounting Sessions
Configuring AAA Authorization
Use the Security > AAA > Authorization page to enable authorization of requested services, and
also to display the configured authorization methods, and the methods applied to specific
interfaces.
CLI References
• “AAA” on page 151
Command Usage
• This feature performs authorization to determine if a user is allowed to run an Exec shell.
• AAA authentication through a RADIUS or TACACS+ server must be enabled before authorization
is enabled.
Parameters
These parameters are displayed:
Configure Method
• Authorization Type – Specifies the service as Exec, indicating administrative authorization for
local console, Telnet, or SSH connections.
• Method Name – Specifies an authorization method for service requests. The “default” method
is used for a requested service if no other methods have been defined. (Range: 1-64
characters)
• Server Group Name - Specifies the authorization server group. (Range: 1-64 characters)
The group name “tacacs+” specifies all configured TACACS+ hosts (see “Configuring
Local/Remote Logon Authentication” on page 848). Any other group name refers to a server
group configured on the TACACS+ Group Settings page. Authorization is only supported for
TACACS+ servers.
Configure Service
• Console Method Name – Specifies a user defined method name to apply to console
connections.
• Telnet Method Name – Specifies a user defined method name to apply to Telnet connections.
Show Information
• Authorization Type - Displays the authorization service.
• Method Name - Displays the user-defined or default accounting method.
• Server Group Name - Displays the authorization server group.