Configuration Guide AAA Commands
Global configuration mode
If the AAA second-generation Web security service is enabled on the device, users must use AAA for
the second-generation Web authentication negotiation. You must use the aaa authentication
web-auth command to configure a default or optional method list for user authentication.
The next method can be used for authentication only when the current method does not work.
The following example defines an AAA authentication method list named rds_web. In the
authentication method list, the RADIUS security server is first used for authentication. If the RADIUS
security server does not respond, the local user database is used for authentication.
Ruijie(config)# aaa authentication web-auth rds_web group radius none
1.10 aaa authorization commands
Use this command to authorize the command executed by the user who has logged in the NAS CLI.
Use the no form of this command to restore the default setting.
aaa authorization commands level { default | list-name } method1 [ method2...]
no aaa authorization commands level { default | list-name }
Command level to be authorized in the range from 0 to 15
When this parameter is used, the following defined method list is used as the
default method for command authorization.
Name of the user authorization method list, which could be any character
strings
It must be one of the keywords: none and group. One method list can contain
up to four methods.
Do not perform authorization.
Uses the server group for authorization. At present, the TACACS+ server
group is supported.
This function is disabled by default.
To Next Page
Loading...
