HP 6125XLG R2306-HP 6125XLG Blade Switch Fundamentals Configuration Guide - Page 61
Verifying the configuration, RBAC configuration example for RADIUS authentication users
View all HP 6125XLG manuals
Add to My Manuals
Save this manual to your list of manuals |
Page 61 highlights
# Change the VLAN policy to permit the user role to configure only VLANs 10 to 20. [Switch-role-role1] vlan policy deny [Switch-role-role1-vlanpolicy] permit vlan 10 to 20 [Switch-role-role1-vlanpolicy] quit [Switch-role-role1] quit # Create a device management user named user1 and enter its view. [Switch] local-user user1 class manage # Set a plaintext password aabbcc for the user. [Switch-luser-manage-user1] password simple aabbcc # Set the service type to Telnet. [Switch-luser-manage-user1] service-type telnet # Assign role1 to the user. [Switch-luser-manage-user1] authorization-attribute user-role role1 # To make sure the user has only the permissions of role1, remove the user from the default user role network-operator. [Switch-luser-manage-user1] undo authorization-attribute user-role network-operator [Switch-luser-manage-user1] quit Verifying the configuration # Telnet to the switch, and enter the username and password to access the user interface. (Details not shown.) # Verify that you can create VLANs 10 to 20. This example uses VLAN 10. system-view [Switch] vlan 10 [Switch-vlan10] quit # Verify that you cannot create any VLANs other than VLANs 10 to 20. This example uses VLAN 30. [Switch] vlan 30 Permission denied. # Verify that you can use all read commands of any feature. This example uses display clock. [Switch] display clock 09:31:56 UTC Tues 01/01/2013 [Switch] quit # Verify that you cannot use the write or execute commands of any feature. debugging role all Permission denied. ping 192.168.1.58 Permission denied. RBAC configuration example for RADIUS authentication users Unless otherwise noted, devices in the configuration example are operating in non-FIPS mode. 54