EasyManua.ls Logo

Cisco Nexus 5500 Series - Aaa Authorization Commands Default

Cisco Nexus 5500 Series
378 pages
To Next Page IconTo Next Page
To Next Page IconTo Next Page
To Previous Page IconTo Previous Page
To Previous Page IconTo Previous Page
Loading...
9
Cisco Nexus 5500 Series NX-OS Security Command Reference
OL-27883-02
Chapter A Commands
aaa authorization commands default
aaa authorization commands default
To configure default authentication, authorization, and accounting (AAA) authorization methods for all
EXEC commands, use the aaa authorization commands default command. To revert to the default, use
the no form of this command.
aaa authorization commands default [group group-list] [local | none]
no aaa authorization commands default [group group-list] [local | none]
Syntax Description
Command Default None
Command Modes Global configuration mode
Command History
Usage Guidelines To use this command, you must enable the TACACS+ feature by using the feature tacacs+ command.
The group tacacs+ and group group-list methods refer to a set of previously defined TACACS+ servers.
Use the tacacs-server host command to configure the host servers. Use the aaa group server command
to create a named group of servers. Use the show aaa groups command to display the server groups on
the device.
If you specify more than one server group, the Cisco NX-OS software checks each group in the order
that you specify in the list. The local method or the none method is used only if all the configured server
groups fail to respond and you have configured local or none as the fallback method.
If you specify the group method or local method and it fails, then the authorization can fail. If you
specify the none method alone or after the group method, then the authorization always succeeds.
Examples This example shows how to configure the default AAA authorization methods for EXEC commands:
group (Optional) Specifies to use a server group for authorization.
group-list List of server groups.
The list can include the following:
tacacs+ for all configured TACACS+ servers.
Any configured TACACS+ server group name.
The name can be a space-separated list of server groups, and a maximum of
127 characters.
local (Optional) Specifies to use the local role-based database for authorization.
none (Optional) Specifies to use no database for authorization.
Release Modification
5.2(1)N1(1) This command was introduced.

Table of Contents

Other manuals for Cisco Nexus 5500 Series

Preview: Command Reference Guide
Command Reference Guide460 pages
Preview: Configuration Guide
Configuration Guide160 pages

Related product manuals