Configuring User Role Switching Authentication; Switching The User Role - HP 12500 Configuration Manual

Routing switch series

Hide thumbs Also See for 12500:

Configuration manual (402 pages)

Network management and monitoring command reference (320 pages)

Command reference manual (157 pages)

Table Of Contents

100

101

102

103

104

105

106

107

108

109

110

111

112

113

114

115

116

117

118

119

120

121

122

123

124

125

126

127

128

129

130

131

132

133

134

135

136

137

138

139

140

141

142

143

144

145

146

147

148

149

150

151

152

153

154

155

156

157

158

159

160

161

162

163

164

165

166

167

168

169

170

171

172

173

174

175

176

177

178

179

180

181

182

183

184

185

186

187

188

189

190

191

192

193

194

195

196

197

198

199

200

201

202

203

204

205

206

207

208

209

210

211

212

213

214

215

216

217

218

219

220

221

222

223

224

225

226

227

228

229

230

231

232

233

234

235

236

237

238

239

240

Table of Contents

Table 7 Authentication modes for user role switching

Keywords

local

scheme

local scheme

scheme local

Configuring user role switching authentication

Step

Enter system view.

Set an authentication

mode.

Set a local

authentication

password for

switching to a user

role.

Switching the user role

An AUX or VTY user must pass authentication before switching to a user role.

Perform the following task in user view:

Authentication mode

Local password

authentication only

(local-only)

Remote AAA authentication

through HWTACACS or

RADIUS (remote-only)

Local password

authentication first and then

remote AAA authentication

(local-then-remote)

Remote AAA authentication

first and then local password

authentication

(remote-then-local)

Command

system-view

super

authentication-mode

{ local | scheme } *

super password [ role

rolename ] { hash |

simple } password

Description

The device uses the locally configured switching password for

authentication.

The device sends the username and password to the

HWTACACS or RADIUS server for remote authentication.

To use this mode, you must perform the following

configuration tasks:

•

Configure the required HWTACACS or RADIUS scheme

and configure the ISP domain to use the scheme for the

user. For more information, see Security Configuration

Guide.

•

Add the user account and password on the HWTACACS

or RADIUS server.

Local password authentication is performed first. If no

switching password is configured, the device performs AAA

authentication.

AAA authentication is performed first. If the remote

HWTACACS or RADIUS server does not respond or the AAA

configuration on the device is invalid, local password

authentication is performed.

Remarks

N/A

By default, local-only authentication applies.

Use this step for local password authentication.

By default, no switching password is configured.

If you do not specify the role rolename option, the

command sets the password for network-admin or

mdc-admin. A default MDC user can use this

password to switch to the network-admin, and a

non-default MDC user can use this password to switch

to the mdc-admin user role.

Table of Contents

Configuring User Role Switching Authentication; Switching The User Role - HP 12500 Configuration Manual

Configuring user role switching authentication

Switching the user role

Troubleshooting

Related Manuals for HP 12500

Related Content for HP 12500

Table of Contents