Users Guide

ManualsBrandsDell ManualsAccess PlatformsPowerSwitch S4820T

751

752

753

754

755

756

757

758

759

760

The following example removes the secadmin access to LINE mode and then veries that the security administrator can no longer

access LINE mode, using the show role mode configure line command in EXEC Privilege mode.

Dell(conf)#role configure deleterole secadmin ?

LINE Initial keywords of the command to modify

Dell(conf)#role configure deleterole secadmin line

Dell(conf)#do show role mode ?

configure Global configuration mode

exec Exec Mode

interface Interface configuration mode

line Line Configuration mode

route-map Route map configuration mode

router Router configuration mode

Dell(conf)#do show role mode configure line

Role access:sysadmin

Example: Grant and Remove Security Administrator Access to Congure Protocols

By default, the system dened role, secadmin, is not allowed to congure protocols. The following example rst grants the

secadmin role to congure protocols and then removes access to congure protocols.

Dell(conf)#role configure addrole secadmin protocol

Dell(conf)#role configure deleterole secadmin protocol

Example: Resets Only the Security Administrator role to its original setting.

The following example resets only the secadmin role to its original setting.

Dell(conf)#no role configure addrole secadmin protocol

Example: Reset System-Dened Roles and Roles that Inherit Permissions

In the following example the command protocol permissions are reset to their original setting or one or more of the system-dened

roles and any roles that inherited permissions from them.

Dell(conf)#role configure reset protocol

Adding and Deleting Users from a Role

To create a user name that is authenticated based on a user role, use the username name password encryption-type password

role role-name command in CONFIGURATION mode.

Example

The following example creates a user name that is authenticated based on a user role.

Dell (conf) #username john password 0 password role secadmin

The following example deletes a user role.

NOTE: If you already have a user ID that exists with a privilege level, you can add the user role to username that has a

privilege

Dell (conf) #no username john

The following example adds a user, to the secadmin user role.

Dell (conf)#username john role secadmin password 0 password

AAA Authentication and Authorization for Roles

This section describes how to congure AAA Authentication and Authorization for Roles.

Conguration Task List for AAA Authentication and Authorization for Roles

This section contains the following AAA Authentication and Authorization for Roles conguration tasks:

Security

755