Manualshelf

R0106-HP MSR Router Series Security Command Reference(V7)

ManualsBrandsHP ManualsNetwork HardwareHP MSR2003 AC Router
31323334353637383940
18
and two backup methods (local authorization and no authorization). The device performs HWTACACS
authorization by default and performs local authorization when the HWTACACS server is invalid. The
device does not perform command authorization when both of the previous methods are invalid.
Examples
# Configure ISP domain test to use local command authorization.
<Sysname> system-view
[Sysname] domain test
[Sysname-isp-test] authorization command local
# Configure ISP domain test to use HWTACACS scheme hwtac for command authorization and use local
authorization as the backup authorization method.
<Sysname> system-view
[Sysname] domain test
[Sysname-isp-test] authorization command hwtacacs-scheme hwtac local
Related commands
authorization accounting (Fundamentals Command Reference)
hwtacacs scheme
local-user
authorization default
Use authorization default to specify the default authorization method for an ISP domain.
Use undo authorization default to restore the default.
Syntax
In non-FIPS mode:
authorization default { hwtacacs-scheme hwtacacs-scheme-name [ radius-scheme radius-scheme-name ]
[ local ] [ none ] | local [ none ] | none | radius-scheme radius-scheme-name [ hwtacacs-scheme
hwtacacs-scheme-name ] [ local ] [ none ] }
undo authorization default
In FIPS mode:
authorization default { hwtacacs-scheme hwtacacs-scheme-name [ radius-scheme radius-scheme-name ]
[ local ] | local | radius-scheme radius-scheme-name [ hwtacacs-scheme hwtacacs-scheme-name ]
[ local ] }
undo authorization default
Default
The default authorization method of an ISP domain is local.
Views
ISP domain view
Predefined user roles
network-admin