H3C S7500E Series Ethernet Switches Operation Manual

ManualsBrandsHP ManualsComputer AccessoriesHP ProCurve 8116fl Redundant Switch Fabric Module

851

852

853

854

855

856

857

858

859

860

Operation Manual – AAA RADIUS HWTACACS

H3C S7500E Series Ethernet Switches

Chapter 1 AAA/RADIUS/HWTACACS

Configuration

1-20

 Note:

z With the accounting optional command configured, a user that will be

disconnected otherwise can use the network resources even when there is no

available accounting server or the communication with the current accounting

server fails.

z Local accounting scheme is not used for real accounting implementation, but

together with the attribute access-limit command for limiting the number of local

user connections. However, with the accounting optional command configured,

the limit on the number of local user connections is not effective.

z The accounting scheme specified with the accounting default command is for all

types of users and has a priority lower than that for a specific access mode.

z With the radius-scheme radius-scheme-name local or hwtacacs-scheme

hwtacacs-scheme-name local keyword and argument combination configured, the

local scheme is the backup scheme and is used only when the RADIUS server or

HWTACACS server is not available.

z If the primary accounting scheme is local or none, the system performs local

accounting or does not perform any accounting, rather than uses the RADIUS or

HWTACACS scheme.

z With the access mode of login, accounting is not supported for FTP services.

1.3.7 Configuring Local User Attributes

For local authentication, you must create a local user and configure the attributes.

A local user represents a set of users configured on a device, which are uniquely

identified by the username. For a user requesting network service to pass local

authentication, you must add an entry as required in the local user database of the

device.

Follow these steps to configure the attributes for a local user:

To do… Use the command… Remarks

Enter system view

system-view

—

Set the password display

mode for all local users

local-user

password-display-mode

{ auto | cipher-force }

Optional

auto by default

Add a local user and enter

local user view

local-user user-name

Required

No local user is

configured by default

Configure a password for

the local user

password { cipher |

simple } password

Optional