1-13
Parameters
hwtacacs-scheme hwtacacs-scheme-name
: Specifies an HWTACACS scheme by its name, which is
a string of 1 to 32 characters.
local
: Performs local authorization.
none
: Does not perform any authorization. In this case, an authenticated user is automatically
authorized with the default rights.
radius-scheme radius-scheme-name
: Specifies a RADIUS scheme by its name, which is a string of 1
to 32 characters.
Description
Use the
authorization login
command to configure the authorization method for login users.
Use the
undo authorization login
command to restore the default.
By default, the default authorization method is used for login users.
Note that:
z
The RADIUS, HWTACACS, or LDAP scheme specified for the current ISP domain must have
been configured.
z
RADIUS authorization is special in that it takes effect only when the RADIUS authorization
scheme is the same as the RADIUS authentication scheme. If the RADIUS authorization scheme
is different from the RADIUS authentication scheme, RADIUS authorization will fail.
Related commands:
authorization default
,
hwtacacs scheme
,
radius scheme
.
Examples
# Configure the default ISP domain
system
to use local authorization for login users.
<Sysname> system-view
[Sysname] domain system
[Sysname-isp-system] authorization login local
# Configure the default ISP domain
system
to use RADIUS authorization scheme
rd
for login users
and use local authorization as the backup.
<Sysname> system-view
[Sysname] domain system
[Sysname-isp-system] authorization login radius-scheme rd local
authorization-attribute
Syntax
authorization-attribute
{
acl
acl-number
|
callback-number
callback-number
|
idle-cut
minute
|
level
level
|
user-profile
profile-name
|
vlan
vlan-id
|
work-directory
directory-name
} *
undo authorization-attribute
{
acl
|
callback-number
|
idle-cut
|
level
|
user-profile
|
vlan
|
work-directory
} *
View
Local user view, user group view
Summary of Contents for E4510-48G
Page 109: ...2 18 Sysname interface bridge aggregation 1 Sysname Bridge Aggregation1 shutdown ...
Page 309: ...6 4 Sysname interface vlan interface 1 Sysname Vlan interface1 ip address dhcp alloc ...
Page 324: ...8 3 Sysname interface vlan interface 1 Sysname Vlan interface1 ip address bootp alloc ...
Page 530: ...2 5 Sysname mvlan 100 subvlan 10 to 15 ...
Page 739: ...8 15 Sysname system view Sysname port security trap addresslearned ...
Page 819: ...13 11 Sysname system view Sysname public key peer key2 import sshkey key pub ...
Page 914: ...5 17 Sysname reset oam ...
Page 1064: ...5 30 Slot 2 Set next configuration file successfully ...
Page 1325: ...21 13 Examples Redirect to member 2 Sysname irf switch to 2 Sysname Slave 2 ...