Manualshelf

HP Intelligent Management Center v5.1 TACACS+ Authentication Manager Administrator Guide

ManualsBrandsHP ManualsComputer AccessoriesHP IMC TACACS+ Authentication Manager additional 500-node License
51525354555657585960
47
6. Click OK.
Copying a command set
Copying a command set allows you to create a similar command set, reducing the workload.
To copy a command set:
1. Click the Service tab.
2. Select TACACS+ AuthN Manager > Authorization Command > Command Sets from the navigation
tree.
The Command Set List displays all command sets.
3. Click the Copy icon for the command set you want to copy.
The Add Command Set page appears. The command set name is Copy+source command set.
Other fields are the same as the source command set. You simply need to modify the content to
create a new command set.
4. Modify the basic information:
Command Set NameEnter the name of the command set, which must be unique in TAM.
Default Authorization TypeSelect Permit or deny. Permit means a device user can use
commands not in the command set. Deny means a user cannot use commands not in the
command set. After you configure the authorization mode of a command, the priority of the
configured authorization type takes precedence over the default authorization type.
DescriptionEnter a description for the command set to aid maintenance.
5. Modify the command set information:
Each line in a command set list defines a rule, which permits or denies a user to execute one
command or multiple commands defined by *.
a. Click Add in the Command Set Information area.
b. Select Permit or Deny from the Authorization list.
c. Enter a command name, which is usually the keyword of the command. For example, the name
of the display current-configuration command is display. When you configure a command
name in TAM, you must enter the complete name of the command. For example, you cannot
enter dis or disp. However, when you enter a command on the device, you can enter part of
a keyword. For example, you can enter disp for display.
d. Enter the command parameters. You can enter one or more parameters. For example, the
parameter of the display current-configuration command is current-configuration. When you
configure a parameter in TAM, you must enter the complete parameter. For example, you
cannot enter cur or current for current-configuration. However, when you enter a command
parameter on the device, you can enter part of a parameter. For example, you can enter
current for current-configuration. In addition, you can enter * or keep the Parameters field
empty. * means to match any parameter. Empty means to match no parameter.
e. Click OK.
f. Click the icon or to raise or decrease the priority of the rule. If the command you
execute matches multiple rules, the rule with the highest priority applies.
g. Click the Modify icon for the target rule. Repeat steps b through e.
h. To delete a rule, click the delete icon for the target rule.
6. Click OK.