DELL N3000 User Manual

Configuring Authentication, Authorization, and Accounting

It is important to understand that during authentication, all that happens is 

that the user is validated. If any attributes are returned from the server, they 

are not processed during authentication. In the examples below, it is assumed 

that the default configuration of authorization—that is, no authorization—is 

used.

Use the following configuration to require local authentication when logging 

in over a Telnet connection:

aaa authentication login “loc” local

line telnet

login authentication loc

exit

enable password PaSSW0rd

username guest password password

passwords strength minimum numeric-characters 2

passwords strength minimum character-classes 4

passwords strength-check

username admin password paSS1&word2 privilege 15

passwords lock-out 3

The following describes each line of this code:

• The aaa authentication login “loc” local command creates a login 

authentication list called “loc” that contains the method local.

• The 

line telnet command enters the configuration mode for the Telnet 

line.

• The 

login authentication loc command assigns the loc login 

authentication list to be used for users accessing the switch via Telnet.

• The enable password allows Telnet and SSH users access to privileged exec 

mode. It is required that an enable password be configured to allow local 

access users to elevate to privileged exec level.

• The 

username guest password password command creates a user with the 

name “guest” and password “password”. A simple password can be 

configured here, since strength-checking has not yet been enabled.