To Next Page

To Previous Page

# Enable local authentication and authorization for the ISP domain bbb.

[Switch] domain bbb

[Switch-isp-bbb] authentication login local

[Switch-isp-bbb] authorization login local

[Switch-isp-bbb] quit

# Create the user role role1.

[Switch] role name role1

# Configure rule 1 to permit the user role to access read commands of all features.

[Switch-role-role1] rule 1 permit read feature

# Configure rule 2 to permit the user role to create VLANs and access commands in VLAN view.

[Switch-role-role1] rule 2 permit command system-view ; vlan *

# Change the VLAN policy to permit the user role to configure only VLANs 10 to 20.

[Switch-role-role1] vlan policy deny

[Switch-role-role1-vlanpolicy] permit vlan 10 to 20

[Switch-role-role1-vlanpolicy] quit

[Switch-role-role1] quit

# Create a device management user named user1 and enter local user view.

[Switch] local-user user1 class manage

# Set a plaintext password aabbcc for the user.

[Switch-luser-manage-user1] password simple aabbcc

# Set the service type to Telnet.

[Switch-luser-manage-user1] service-type telnet

# Assign role1 to the user.

[Switch-luser-manage-user1] authorization-attribute user-role role1

# To make sure the user has only the permissions of role1, remove the user from the default user role

network-operator.

[Switch-luser-manage-user1] undo authorization-attribute user-role network-operator

[Switch-luser-manage-user1] quit

Verifying the configuration

# Telnet to the switch, and enter the username and password to access the switch. (Details not shown.)

# Verify that you can create VLANs 10 to 20. This example uses VLAN 10.

<Switch> system-view

[Switch] vlan 10

[Switch-vlan10] quit

# Verify that you cannot create any VLANs other than VLANs 10 to 20. This example uses VLAN 30.

[Switch] vlan 30

Permission denied.

# Verify that you can use all read commands of any feature. This example uses display clock.

[Switch] display clock

09:31:56 UTC Wed 01/01/2014

[Switch] quit

# Verify that you cannot use the write or execute commands of any feature.

<Switch> debugging role all

Questions and Answers:

Need help?

Do you have a question about the HP 5130 EI series and is the answer not in the manual?

HP 5130 EI series Specifications

General

Layer	Layer 3
VLANs	4094
Multicast Protocols	IGMP, PIM
Operating Temperature	0°C to 45°C
Model	HP 5130 EI
Ports	24 or 48 10/100/1000 ports
Uplink Ports	4 x 1/10G SFP+
Stacking	Up to 9 switches
Power over Ethernet (PoE)	PoE+ (IEEE 802.3at) on PoE+ models (JG936A, JG937A)
Management	Web, CLI, SNMP
MAC Address Table Size	32, 000 entries
Routing Protocols	OSPF, RIP, BGP, static routing
Operating Humidity	10% to 90% (non-condensing)