Manualshelf

CLI Guide

ManualsBrandsDell ManualsAccess PlatformsOS9
1411141214131414141514161417141814191420
show users
username
aaa authorization role-only
Configure authentication to use the users role only when determining if access to commands is permitted.
Syntax
aaa authorization role-only
To return to the default setting, use the no aaa authentication role-only command.
Parameters
name
Enter a text string for the name of the user up to 63 characters. It cannot be one
of the system defined roles (sysadmin, secadmin, netadmin, netoperator).
inherit
existing-
role-name
Enter the inherit keyword then specify the system defined role to inherit
permissions from (sysadmin, secadmin, netadmin, netoperator).
Defaults none
Command Modes CONFIGURATION
Command
History
This guide is platform-specific. For command information about other platforms, see the relevant Dell
EMC Networking OS Command Line Reference Guide.
Version Description
9.8(1.0) Introduced on the Z9100-ON.
9.8(0.0P5) Introduced on the S4048-ON.
9.8(0.0P2) Introduced on the S3048-ON.
9.7(0.0) Introduced on the S6000-ON.
9.5(0.0) Introduced on the Z9000, S6000, S4820T, S4810, and MXL.
Usage
Information
By default, access to commands are determined by the users role (if defined) or by the users privilege
level. If the aaa authorization role-only command is enabled, then only the users role is used.
Before you enable role-based only AAA authorization:
1. Locally define a system administrator user role.This will give you access to login with full permissions
even if network connectivity to remote authentication servers is not available.
2. Configure login authentication on the console. This ensures that all users are properly identified
through authentication no matter the access point
3. Specify an authentication method (RADIUS, TACACS+, or Local).
4. Specify authorization method (RADIUS, TACACS+ or Local).
5. Verify the configuration has been applied to the console or VTY line.
Related
Commands
login authentication, password, radius-server host, tacacs-server host
role
Changes command permissions for roles.
Syntax
role mode { { { addrole | deleterole } role-name } | reset } command
To delete access to a command, use the no role mode role-name
Parameters
mode
Enter one of the following keywords as the mode for which you are controlling
access:
1420 Security