Obtaining Temporary User Role Authorization; Displaying And Maintaining Rbac Settings; Rbac Configuration Examples; Rbac Configuration Example For Local Aaa Authentication Users - HP 10500 Series Configuration Manual

Obtaining temporary user role authorization

AUX or VTY users must pass authentication before they can use a user role that is not included in the user
account they are logged in with.
Perform the following task in user view:
Task
Obtain the temporary
authorization to use a
user role.

Displaying and maintaining RBAC settings

Execute display commands in any view.
Task
Display user role information.
Display user role feature
information.
Display user role feature group
information.

RBAC configuration examples

RBAC configuration example for local AAA authentication
users
Network requirements
As shown in
has the username user1@bbb and is assigned the user role role1.
Configure role1 to have the following permissions:
• Can execute the read commands of any feature.
Cannot configure any VLANs except VLANs 10 to 20.
•
Command
super [ rolename ]
Command
display role [ name role-name ]
display role feature [ name feature-name | verbose ]
display role feature-group [ name feature-group-name ] [ verbose ]
Figure 3, the switch performs local AAA authentication for the Telnet user. The Telnet user
Remarks
If you do not specify the rolename argument, you obtain
the default target user role for temporary user role
authorization.
The operation fails after three consecutive unsuccessful
password attempts.
The user role must have the permission to execute the
super command to obtain temporary user role
authorization.
28