HP 6125XLG R2306-HP 6125XLG Blade Switch Fundamentals Configuration Guide - Page 66
Con ISP domain, Delete the default user role
View all HP 6125XLG manuals
Add to My Manuals
Save this manual to your list of manuals |
Page 66 highlights
[Switch] domain bbb # Configure ISP domain bbb to use local authentication for login users. [Switch-isp-bbb] authentication login local # Configure ISP domain bbb to use local authorization for login users. [Switch-isp-bbb] authorization login local # Apply the HWTACACS scheme hwtac to the ISP domain. [Switch-isp-bbb] authentication super hwtacacs-scheme hwtac [Switch-isp-bbb] quit # Create a device management user named test and enter its view. Set the service type to Telnet, and set the password to aabbcc. [Switch] local-user test class manage [Switch-luser-manage-test] service-type telnet [Switch-luser-manage-test] password simple aabbcc # Assign level-0 to the user. [Switch-luser-manage-test] authorization-attribute user-role level-0 # Delete the default user role network admin. [Switch-luser-manage-test] undo authorization-attribute user-role network-operator [Switch-luser-manage-test] quit # Set the password to 654321 for the user role level-3. [Switch] super password role level-3 simple 654321 [Switch] quit 2. Configure the HWTACACS server: This example uses ACSv4.0. a. Add a user account test. b. Access the Advanced TACACS+ Settings page. c. Select Level 3 for the Max Privilege for any AAA Client option. d. Select the Use separate password option, and specify enabpass as the password. 59