52
When you assign the security-audit user role to a local user, the system requests confirmation
to delete all the other user roles of the local user first.
When you assign the other user roles to a local user who has been assigned the security-audit
user role, the system requests confirmation to delete the security-audit user role for the local
user first.
To assign a user role to a local user:
1. Enter system view.
system-view
N/A
2.
enter local user view.
local-user
user-name
class
{
|
}
N/A
3. Authorize the user to have
a user role.
authorization-attribute
user-role
role-name
Repeat this step to assign the user to
a maximum of 64 user roles.
By default, network-operator is
assigned to local users created by a
network-admin or level-15 user.
4.
undesirable user roles.
undo authorization-attribute
user-role
role-name
A
user can use the collection of
system items
accessible to any user role assigned
to the user.
If a user role is undesirable (for
example, the default user role), you
must use this command to delete the
user role.
Assigning user roles to non-AAA authentication users on
user lines
Specify user roles for the following two types of login users on the user lines:
Users who use password authentication or no authentication.
SSH clients that use publickey or password-publickey authentication. User roles assigned to
these SSH clients are specified in their respective local device management user accounts.
For more information about user lines, see "Login overview" and "Logging in to the CLI." For more
information about SSH, see Security Configuration Guide.
To assign a user role to non-AAA authentication users on a user line:
1. Enter system view.
system-view
N/A
2. Enter user line view or
use line class view.
• Enter user line view:
line { first-num1 [ last-num1 ]
| { aux | vty } first-num2
[ last-num2 ] }
• Enter user line class view:
line class { aux | vty }
For information about the priority
order and application scope of the
configurations in user line view and
user line class view, see "Logging
into the CLI."
3. Specify a user role on the
user line.
user-role
role-name
Repeat this step to specify a
maximum of 64 user roles on a user
line.
By default, network-
specified on the AUX user line, and
network-operator is specified on any
To Next Page
Loading...
Need help?
General