To Next Page

To Previous Page

NOTE:

• To be compatible with privilege-based access control, the device automatically converts privilege-based

user levels (0 to 15) assigned by an AAA server to RBAC user roles (level-0 to level-15).

• If the AAA server assigns a privilege-based user level and a user role to a user, the user can use the

collection of commands and resources accessible to both the user level and the user role.

Assigning user roles to local AAA authentication users

Configure user roles for local AAA authentication users in their local user accounts. Every local user has

a default user role. If this default user role is not suitable, delete the default user role.

If a local user is the only user with the security-audit user role, the user cannot be deleted.

The security-audit user role is mutually exclusive with other user roles.

• When you assign the security-audit user role to a local user, the system requests confirmation to

delete all the other user roles of the local user first.

• When you assign the other user roles to a local user who has been assigned the security-audit user

role, the system requests confirmation to delete the security-audit user role for the local user first.

To assign a user role to a local user:

Ste

Command

Remarks

1. Enter system view.

system-view N/A

2. Create a local user and

enter local user view.

local-user user-name class

{ manage | network }

N/A

3. Authorize the user to have a

user role.

authorization-attribute user-role

role-name

Repeat this step to assign the user to up

to 64 user roles.

By default, network-operator is

assigned to local users created by a

network-admin or level-15 user.

Assigning user roles to non-AAA authentication users on user

lines

Specify user roles for the following two types of login users on the user lines:

• Users who use password authentication or no authentication.

• SSH clients that use publickey or password-publickey authentication. User roles assigned to these

SSH clients are specified in their respective local device management user accounts.

For more information about user lines, see "Login overview" and "Logging in to the CLI." For more

inf

ormation about SSH, see Security Configuration Guide.

To assign a user role to non-AAA authentication users on a user line:

Ste

Command

Remarks

1. Enter system view.

system-view N/A

Questions and Answers:

Need help?

Do you have a question about the HP 5130 EI series and is the answer not in the manual?

HP 5130 EI series Specifications

General

Layer	Layer 3
VLANs	4094
Multicast Protocols	IGMP, PIM
Operating Temperature	0°C to 45°C
Model	HP 5130 EI
Ports	24 or 48 10/100/1000 ports
Uplink Ports	4 x 1/10G SFP+
Stacking	Up to 9 switches
Power over Ethernet (PoE)	PoE+ (IEEE 802.3at) on PoE+ models (JG936A, JG937A)
Management	Web, CLI, SNMP
MAC Address Table Size	32, 000 entries
Routing Protocols	OSPF, RIP, BGP, static routing
Operating Humidity	10% to 90% (non-condensing)