DELL 8132 ユーザーズマニュアル
AAA Commands
247
User Guidelines
A maximum of five authorization method lists may be created for command
types.
Command authorization attempts authorization for all EXEC mode
Command authorization attempts authorization for all EXEC mode
commands associated with a privilege level, including global configuration
commands. Exec authorization attempts authorization when a user attempts
to enter Privileged EXEC mode.
If multiple authorization methods are listed, the switch will attempt
If multiple authorization methods are listed, the switch will attempt
communication with each method in order, until successful communication
is established or all methods in the list have been tried. If authorization fails,
then the command is denied and no further attempts at authorization are
made for the user request.
The various utility commands like tftp,
The various utility commands like tftp,
, outbound
also must pass
command authorization. Applying a script is treated as a single command
apply script which also must pass authorization. Startup-config commands
applied on device boot-up are not subject to the authorization process.
aaa authorization network default radius
Use the aaa authorization network default radius command in Global
Configuration mode to enable the switch to accept VLAN assignment by the
RADIUS server.
Syntax
aaa authorization network default radius
no aaa authorization network default radius
no aaa authorization network default radius
Method
Notes
Local
The local method is not supported for authorization. This
method is equivalent to selecting the none method.
TACACS
Only TACACS is supported for command authorization.
None
Selecting the none method authorizes all commands.
Radius
The radius method is only valid for EXEC authorization.
Command authorization with RADIUS will work if and only if
the applied authentication method is also radius.
2CSPC4.X8100-SWUM102.book Page 247 Friday, March 15, 2013 8:56 AM