1-21
management of user attributes for the local users in the group. Currently, you can configure password
control attributes and authorization attributes for a user group.
By default, every newly added local user belongs to the user group of system and bears all attributes
of the group. User group system is automatically created by the device.
Follow these steps to configure the attributes for a user group:
To do… Use the command… Remarks
Enter system view system-view —
Create a user group and enter user
group view
user-group group-name Required
Configure the authorization
attributes for the user group
authorization-attribute { acl
acl-number | callback-number
callback-number | idle-cut minute |
level level | user-profile profile-name |
vlan vlan-id | work-directory
directory-name } *
Optional
By default, no
authorization
attribute is
configured for a
user group.
Tearing down User Connections Forcibly
Follow these steps to tear down user connections forcibly:
To do… Use the command… Remarks
Enter system view system-view —
Tear down AAA user
connections forcibly
cut connection { access-type
{ dot1x | mac-authentication }
| all | domain isp-name |
interface interface-type
interface-number | ip
ip-address | mac mac-address
| ucibindex ucib-index |
user-name user-name | vlan
vlan-id } [ slot slot-number ]
Required
Applies to only LAN access
user connections at present
Displaying and Maintaining AAA
To do… Use the command… Remarks
Display the configuration
information of a specified ISP
domain or all ISP domains
display domain [ isp-name ] Available in any view
Display information about
specified or all user connections
display connection [access-type
{ dot1x | mac-authentication } |
domain isp-name | interface
interface-type interface-number | ip
ip-address | mac mac-address |
ucibindex ucib-index | user-name
user-name | vlan vlan-id ] [ slot
slot-number ]
Available in any view
To Next Page
Loading...
