Manualshelf

HP MSR2000/3000/4000 Router Series Security Command Reference

ManualsBrandsHP ManualsNetwork HardwareHP MSR3024 TAA-compliant AC Router
21222324252627282930
15
Examples
# Configure ISP domain test to use local command authorization.
<Sysname> system-view
[Sysname] domain test
[Sysname-isp-test] authorization command local
# Configure ISP domain test to use HWTACACS scheme hwtac for command authorization and use local
authorization as the backup authorization method.
<Sysname> system-view
[Sysname] domain test
[Sysname-isp-test] authorization command hwtacacs-scheme hwtac local
Related commands
authorization accounting (Fundamentals Command Reference)
hwtacacs scheme
local-user
authorization default
Use authorization default to specify the default authorization method for an ISP domain.
Use undo authorization default to restore the default.
Syntax
In non-FIPS mode:
authorization default { hwtacacs-scheme hwtacacs-scheme-name [ radius-scheme radius-scheme-name ]
[ local ] [ none ] | local [ none ] | none | radius-scheme radius-scheme-name [ hwtacacs-scheme
hwtacacs-scheme-name ] [ local ] [ none ] }
undo authorization default
In FIPS mode:
authorization default { hwtacacs-scheme hwtacacs-scheme-name [ radius-scheme radius-scheme-name ]
[ local ] | local | radius-scheme radius-scheme-name [ hwtacacs-scheme hwtacacs-scheme-name ]
[ local ] }
undo authorization default
Default
The default authorization method of an ISP domain is local.
Views
ISP domain view
Predefined user roles
network-admin
Parameters
hwtacacs-scheme hwtacacs-scheme-name: Specifies an HWTACACS scheme by its name, a
case-insensitive string of 1 to 32 characters.
local: Performs local authorization.