HP 6125XLG R2306-HP 6125XLG Blade Switch Fundamentals Command Reference - Page 56

Related commands • display role feature • display role feature-group • role feature-group interface policy deny Use interface policy deny to enter user role interface policy view. Use undo interface policy deny to restore the default user role interface policy. Syntax interface policy deny undo interface policy deny Default A user role has access to any interface. Views User role view Predefined user roles network-admin Usage guidelines The interface policy deny command denies the access of a user role to any interface. To restrict the interface access of a user role to only a set of interfaces: 1. Use interface policy deny to deny access to any interface. 2. Use permit interface to specify accessible interfaces. To perform any of the following operations, you must make sure the interface is permitted by the interface policy of any user role that you are logged in with: • Create, remove, or configure an interface. • Enter its interface view. • Specify the interface in a feature command. The create and remove operations are available only to logical interfaces. Any change to a user role interface policy takes effect only on users who log in with the user role after the change. Examples # Deny the user role role1 to access any interface. system-view [Sysname] role name role1 [Sysname-role-role1] interface policy deny [Sysname-role-role1-ifpolicy] quit # Deny the user role role1 to access any interface but Ten-GigabitEthernet 1/1/5 to Ten-GigabitEthernet 1/1/9. system-view 49