Manualshelf

Service Manual

ManualsBrandsDell ManualsserversDell Force10 MXL Blade
1071107210731074107510761077107810791080
Usage Information
By default, access to commands are determined by the user’s role (if defined) or by the user’s privilege level. If the
aaa authorization role-only command is enabled, then only the user’s role is used.
Before you enable role-based only AAA authorization:
1 Locally define a system administrator user role.This will give you access to login with full permissions even if
network connectivity to remote authentication servers is not available.
2 Configure login authentication on the console. This ensures that all users are properly identified through
authentication no matter the access point
3 Specify an authentication method (RADIUS, TACACS+, or Local).
4 Specify authorization method (RADIUS, TACACS+ or Local).
5 Verify the configuration has been applied to the console or VTY line.
Related Commands login authentication, password, radius-server host, tacacs-server host
aaa authorization config-commands
Set parameters that restrict (or permit) a user’s access to EXEC level commands.
Syntax
aaa authorization config-commands
Disable authorization checking for CONFIGURATION level commands using the no aaa authorization
config-commands command.
Defaults Enabled when you configure aaa authorization commands command.
Command Modes CONFIGURATION
Command History
Version Description
9.9(0.0) Introduced on the FN IOM.
8.3.16.1 Introduced on the MXL 10/40GbE Switch IO Module.
Usage Information By default, the aaa authorization commands command configures the system to check both EXEC level
and CONFIGURATION level commands. To enable only EXEC-level command checking, use the command no
aaa authorization config-commands
.
aaa authorization exec
Set parameters that restrict (or permit) a user’s access to EXEC-level commands.
Syntax
aaa authorization exec {name | default} {local || tacacs+ || if-authenticated
|| none}
To disable authorization checking for EXEC level commands, use the no aaa authorization exec
command.
Parameters
name Define a name for the list of authorization methods.
default Define the default list of authorization methods.
Security 1075