49
Ste
Command
Remarks
8. Enable command accounting. command accounting
Optional
• By default, command accounting is
disabled. The accounting server does not
record the commands executed by users.
• Command accounting allows the
HWTACACS server to record all executed
commands that are supported by the
device, regardless of the command
execution result. This helps control and
monitor user operations on the device. If
command accounting is enabled and
command authorization is not enabled,
every executed command is recorded on the
HWTACACS server. If both command
accounting and command authorization are
enabled, only the authorized and executed
commands are recorded on the
HWTACACS server.
9. Exit to system view
quit —
10. Configure the
authentication
mode.
Enter the
default ISP
domain
view.
domain domain-name
Optional.
By default, the AAA scheme is local.
If you specify the local AAA scheme, perform
the configuration concerning local user as well.
If you specify an existing scheme by providing
the radius-scheme-name argument, perform the
following configuration as well:
• For RADIUS and HWTACACS
configuration, see Security Configuration
Guide.
• Configure the username and password on
the AAA server. (For more information, see
Security Configuration Guide.)
Apply the
specified
AAA
scheme to
the domain.
authentication default
{ hwtacacs-scheme
hwtacacs-scheme-nam
e [ local ] | local |
none | radius-scheme
radius-scheme-name
[ local ] }
Exit to
system view.
quit
11. Create a local user and enter
local user view.
local-user user-name
Required.
By default, no local user exists.
12. Set the local password.
password { cipher |
simple } password
Required.
By default, no local password is set.
13. Specify the command level of
the local user.
authorization-attribute
level level
Optional.
By default, the command level is 0.
14. Specify the service type for the
local user.
service-type ssh
Required.
By default, no service type is specified.
15. Return to system view. quit —
To Next Page
Loading...
Need help?
General
