39
Parameters
role-name: Specifies a user role, a case-sensitive string of 1 to 63 characters. The user role must
exist in the system and cannot be security-audit. If you do not specify a user role, you obtain the
default target user role which is set by using the super default role command.
Usage guidelines
The obtained user role is a temporary user role, because this command is effective only on the
current login. The next time you are logged in with the user account, the original user role settings
take effect.
To enable a user to obtain another user role without reconnecting to the device, you must configure
user role authentication.
• If no local password is configured in the local password authentication (local), an AUX user can
obtain the user role by either entering a string or not entering anything.
• If no local password is configured in the local-then-remote authentication (local scheme), the
following rules apply:
{ A VTY user performs remote authentication.
{ An AUX user can obtain user role authorization by either entering a string or not entering
anything.
Examples
# Obtain the user role network-operator.
<Sysname> super network-operator
Password:
User privilege role is network-operator, and only those commands that authorized to the
role can be used.
Related commands
authentication super (Security Command Reference)
super authentication-mode
super password
super authentication-mode
Use super authentication-mode to set an authentication mode for temporary user role
authorization.
Use undo super authentication-mode to restore the default.
Syntax
super authentication-mode { local | scheme } *
undo super authentication-mode
Default
Local password authentication applies.
Views
System view
Predefined user roles
network-admin
Parameters
local: Enables local password authentication.
To Next Page
Loading...
Need help?
General