DELL S6000-ON User Manual
Adding and Deleting Users from a Role
To create a user name that is authenticated based on a user role, use the username name password
encryption-type password role role-name command in CONFIGURATION mode.
Example
Example
The following example creates a user name that is authenticated based on a user role.
Dell (conf) #username john password 0 password role secadmin
The following example deletes a user role.
NOTE: If you already have a user ID that exists with a privilege level, you can add the user role to
username that has a privilege
username that has a privilege
Dell (conf) #no username john
The following example adds a user, to the secadmin user role.
Dell (conf)#username john role secadmin password 0 password
Dell (conf)#username john role secadmin password 0 password
AAA Authentication and Authorization for Roles
This section describes how to configure AAA Authentication and Authorization for Roles.
Configuration Task List for AAA Authentication and Authorization for Roles
Configuration Task List for AAA Authentication and Authorization for Roles
This section contains the following AAA Authentication and Authorization for Roles configuration tasks:
•
•
•
Configure AAA Authentication for Roles
Authentication services verify the user ID and password combination. Users with defined roles and users
with privileges are authenticated with the same mechanism. There are six methods available for
authentication: radius, tacacs+, local, enable, line, and none.
with privileges are authenticated with the same mechanism. There are six methods available for
authentication: radius, tacacs+, local, enable, line, and none.
When role-based only AAA authorization is enabled, the enable, line, and none methods are not
available. Each of these three methods allows users to be verified with either a password that is not
specific to their user ID or with no password at all. Because of the lack of security these methods are not
available for role only mode. When the system is in role-only mode, users that have only privilege levels
are denied access to the system because they do not have a role. For information about role only mode,
see
available. Each of these three methods allows users to be verified with either a password that is not
specific to their user ID or with no password at all. Because of the lack of security these methods are not
available for role only mode. When the system is in role-only mode, users that have only privilege levels
are denied access to the system because they do not have a role. For information about role only mode,
see
NOTE: Authentication services only validate the user ID and password combination. To determine
which commands are permitted for users, configure authorization. For information about how to
configure authorization for roles, see
which commands are permitted for users, configure authorization. For information about how to
configure authorization for roles, see
To configure AAA authentication, use the aaa authentication command in CONFIGURATION mode.
aaa authentication login {method-list-name | default} method [… method4]
aaa authentication login {method-list-name | default} method [… method4]
Security
833