R21xx-HP FlexFabric 11900 Fundamentals Command Reference
56
Use undo role to delete a user role.
Syntax
role name role-name
undo role name role-name
Default
The system has 18 predefined user roles: network-admin, network-operator, and level-n (where n
represents an integer in the range of 0 to 15).
Views
System view
Predefined user roles
network-admin
Parameters
name role-name: Specifies a username. The role-name argument is a case-sensitive string of 1 to 63
characters.
Usage guidelines
You can create up to 64 user roles in addition to the predefined user roles.
To change the permissions assigned to a user role, you must first enter its view.
You cannot delete the predefined user roles or change the permissions assigned to network-admin,
network-operator, or level-15.
Level-0 to level-14 users can modify their own permissions for any commands except for the display
history-command all command.
Examples
# Create the user role role1 and enter its view.
<Sysname> system-view
[Sysname] role name role1
[Sysname-role-role1]
Related commands
• display role
• interface policy deny
• rule
• vlan policy deny
• vpn-instance policy deny
role default-role enable
Use role default-role enable to enable the default user role feature for AAA users.
Use undo role default-role enable to restore the default.
Syntax
role default-role enable
undo role default-role enable