Manualshelf

HP Intelligent Management Center v5.1 TACACS+ Authentication Manager Administrator Guide

ManualsBrandsHP ManualsComputer AccessoriesHP IMC TACACS+ Authentication Manager additional 100-node License
41424344454647484950
38
Effective Time/Expiration TimeClick the Calendar icon to specify the effective time
range for the policy. Or, enter the effective time range in the format of YYYY-MM-DD hh:mm.
DescriptionEnter a brief description of the authorized time range policy for easy
maintenance.
5. Configure authorized time range information:
a. Click Add in the Authorized Time Range Information area.
The Authorized Time Range Policy Information window appears.
b. Select an authorized time range type.
The authorized time range types include Once, By Year, By Month, By Week, and By Day.
c. Specify the start time and end time.
If you select the Once type, specify the start time and end time in the format of YYYY-MM-DD
hh:mm:ss. If you select the By Year type, specify the start time and end time in the format of
MM-DD hh:mm:ss. If you select the By Month type, specify the start time and end time in the
format of DD hh:mm:ss. If you select the By Week type, specify the start time and end time in
the format of Day hh:mm:ss. If you select the By Day type, specify the start time and end time
in the format of hh:mm:ss.
d. Click OK.
e. To delete a time range, click the Delete icon for the time range.
If you configure multiple time ranges, the authorized time range policy takes the union of all
time ranges. For example, if you configure two time ranges, A (10:00 to 11:00 every morning)
and B (10:30 to 12:00 every morning), the final effective authorized time range is 10:00 to
12:00 every morning.
6. Click OK.
Modifying an authorized time range policy
The following describes how the modifications to an authorized time range policy affect online users
(device users who have logged in to the devices):
A modification does not affect the shell profiles that have been authorized to the online users.
If a modification to the authorized time range policy results in an authorization scenario change to
an online user, the command set configured for the new scenario applies to the user.
For example, suppose an authorization policy contains scenarios A and B. Scenario A includes
authorized time range T (8:00 to 10:00 in the morning) and command set X. Scenario B includes
authorized time range M (6:00 to 12:00 in the morning) and command set Y.
Scenario A has a higher priority than Scenario B. If a user logs in to the device at 8:30 a.m.,
authorization scenario A applies and the user is controlled by command set X.
If you change the authorized time range T to "8:00 to 9:00" at 9:30, then authorization scenario B
instead of A applies to the user, and the user is controlled by command set Y. For more information about
authorization policies, see "Authorization policy."
To modify an authorized time range policy:
1. Click the Service tab.
2. Select TACACS+ AuthN Manager > Authorization Scenarios > Authorized time range Policies from
the navigation tree.
The Authorized Time Range Policy List displays all authorized time range policies.