R3721-F3210-F3171-HP High-End Firewalls Access Control Command Reference-6PW101
85
Parameters
hwtacacs-scheme hwtacacs-scheme-name: Specifies an HWTACACS scheme by its name, a
case-insensitive string of 1 to 32 characters.
radius-scheme radius-scheme-name: Specifies a RADIUS scheme by its name, a case-insensitive string of
1 to 32 characters.
Description
Use authentication super to configure the authentication method for user privilege level switching.
Use undo authentication super to restore the default.
By default, the default authentication method for the ISP domain is used for user privilege level switching
authentication.
The specified RADIUS or HWTACACS authentication scheme must have been configured.
Related commands: hwtacacs scheme and radius scheme; super authentication-mode (Getting Started
Command Reference).
Examples
# Configure ISP domain test to use HWTACACS scheme tac for user privilege level switching
authentication.
<Sysname> system-view
[Sysname] super authentication-mode scheme
[Sysname] domain test
[Sysname-domain-test] authentication super hwtacacs-scheme tac
authorization command
Syntax
authorization command { hwtacacs-scheme hwtacacs-scheme-name [ local | none ] | local | none }
undo authorization command
View
ISP domain view
Default level
2: System level
Parameters
hwtacacs-scheme hwtacacs-scheme-name: Specifies an HWTACACS scheme by its name, a
case-insensitive string of 1 to 32 characters.
local: Performs local authorization.
none: Does not perform any authorization exchange. In this case, an authenticated user can access only
commands of Level 0.
Description
Use authorization command to configure the command line authorization method.
Use undo authorization command to restore the default.
By default, the default authorization method for the ISP domain is used for command line authorization.