<Switch>
2.
Verify that you can obtain the level-3 user role:
# Use the super password to obtain the level-3 user role. When the system prompts for a username
and password, enter the username test@bbb and password enabpass.
<Switch> super level-3
Username: test@bbb
Password:
The following output shows that you have obtained the level-3 user role.
User privilege role is level-3, and only those commands that authorized to the role
can be used.
# If the ACS server does not respond, enter the local authentication password 654321 at the
prompt.
Invalid configuration or no response from the authentication server.
Change authentication mode to local.
Password:
User privilege role is level-3, and only those commands that authorized to the role
can be used.
The output shows that you have obtained the level-3 user role.
3.
Use the method in step
network-admin user roles. (Details not shown.)
RBAC temporary user role authorization configuration example
(RADIUS authentication)
Network requirements
As shown in
Telnet user uses the username test@bbb and is assigned the user role level-0.
Configure the remote-then-local authentication mode for temporary user role authorization. The switch
uses the RADIUS server to provide authentication for the network-admin user role. If the AAA
configuration is invalid or the RADIUS server does not respond, the switch performs local authentication.
Figure 8 Network diagram
Configuration procedure
1.
Configure the switch:
2
to verify that you can obtain the level 0, level 1, level 2, and
Figure
8, the switch uses local authentication for login users, including the Telnet user. The
38