Manualshelf

HP Intelligent Management Center v5.1 TACACS+ Authentication Manager Administrator Guide

ManualsBrandsHP ManualsComputer AccessoriesHP IMC TACACS+ Authentication Manager additional 1000-node E-LTU
41424344454647484950
42
5. ACLEnter an ACL ID or name.
An ACL controls whether a user can log in to the device. ACL rules must be configured on the
device. TAM deploys only the ACL number or name. If the request sent by a user for logging in to
the device matches the permit rule of the ACL, the user can log in to the device. If it matches the
deny rule of the ACL, the user cannot log in to the device.
6. Privilege LevelSelect a privilege level.
A privilege level corresponds to the default command set that a user can use after login. Users
cannot view and execute the commands not in the command set. Privilege levels vary depending
on vendors. HP recommends that you see the configuration guide of the device and select a
privilege level from privilege levels 0 through 15 provided by TAM.
7. Enter the idle time.
If a user does not perform any operation within the idle time, the user is forced to log out.
8. Enter the timeout.
Duration that a user can manage the device. If the timeout is reached, the user is forced to log out.
9. Enter the command to be automatically executed after user login.
Only one automatically executed command can be configured.
10. Click Add Attribute.
A text box appears. Enter a custom attribute. For example, enter ftp-directory=flash:/ if you want
the user to use the default directory flash:/ after logging in to the device through FTP. To delete a
configured attribute, click Delete. To add another attribute, click Add Attribute again. You can add
up to five attributes. Custom attributes vary depending on vendors. For more information, see the
configuration guide of the device.
11. DescriptionEnter a description for the shell profile to aid maintenance.
12. Click OK.
Modifying a shell profile
Modifying a shell profile does not affect online users (users that have logged in to the device). The ACL,
automatically executed command, privilege level, custom attribute, idle time, and timeout are not
changed when a shell profile is changed. A new shell profile takes effect only when an online user logs
out and logs in again.
To modify a shell profile:
1. Click the Service tab.
2. Select TACACS+ AuthN Manager > Authorization Command > Shell Profiles from the navigation
tree.
The Shell Profile List displays all shell profiles.
3. Click the Modify icon for the shell profile you want to modify. The Modify Shell Profile page
appears.
4. Enter the shell profile name, which must be unique in TAM.
5. Enter the ACL.
An ACL controls whether a user can log in to the device. ACL rules must be configured on the
device. TAM deploys only the ACL number or name. If the request sent by a user for logging in to
the device matches the permit rule of the ACL, the user can log in to the device. If it matches the
deny rule of the ACL, the user cannot log in to the device.