3com S7906E Manuel De Montage

 

1-15 

A user can switch to a privilege level equal to or lower than the current one unconditionally and is not 

required to input the password (if any). A user is required to input the password (if any) to switch to a 

higher privilege level for security sake. 

The authentication falls into one of the following four categories: local, scheme, local scheme, and 

scheme local. You can specify the authentication mode as required. 

When a user switches to a privilege level higher than the current one, the switch procedure varies with 

authentication modes: 

z 

local: In this mode, after the user executes the command to switch the user privilege level, the 

system asks the user to input the local switch authentication password set with the super 

password command. If the user passes the authentication, the user privilege level will be 

switched successfully; otherwise, the user privilege level will remain unchanged. 

z 

scheme: In this mode, after the user executes the command to switch the user privilege level, the 

system asks the user to input this user’s switch password configured on the AAA server. If the 

user passes the AAA authentication, the user privilege level will be switched successfully; 

otherwise, the user privilege level will remain unchanged. 

z 

local scheme: In this mode, after the user executes the command to switch the user privilege 

level, the system asks the user to input the local switch authentication password. With the local 

switch authentication password configured, if the user passes the authentication, the user 

privilege level will be switched successfully; otherwise, the user privilege level will remain 

unchanged. With no local switch authentication password configured, the AAA authentication is 

performed: if the user passes the AAA authentication, the user privilege level will be switched 

successfully; otherwise, the user privilege level will remain unchanged. 

z 

scheme local: In this mode, after the user executes the command to switch the user privilege 

level, the system asks the user to input this user’s switch password configured on the AAA server. 

If the user passes the AAA authentication, the user privilege level will be switched successfully; 

otherwise, the user privilege level will remain unchanged. If the AAA configuration is invalid or the 

AAA server does not respond, the authentication requiring the local password is performed: if the 

user passes the authentication, the user privilege level will be switched successfully; otherwise, 

the user privilege level will remain unchanged. 

If the authentication mode is set to scheme (performs authorization and authentication of AAA) when 

the user logs in to the switch (that is, username and password are required when the user logs in), the 

AAA authentication is performed when the user switches his privilege level: the system asks the user to 

input the privilege level switch password; after the user inputs the password, the device uses the 

username used to log in to the switch and the privilege level switch password to perform the privilege 

level switch authentication. 

Follow these steps to configure user privilege level switch: 

Enter system view 

—