Authorization-Attribute (Local User View/User Group View) - HP 5120 SI series Command Reference Manual
Hide thumbs
Also See for 5120 SI series:
- Security configuration manual (385 pages) ,
- Installation manual (48 pages) ,
- Specification (33 pages)
Table of Contents
Advertisement
authorization-attribute (local user view/user group view)
Syntax
authorization-attribute { acl acl-number | idle-cut minute | level level | user-profile profile-name |
user-role security-audit | vlan vlan-id | work-directory directory-name } *
undo authorization-attribute { acl | idle-cut | level | user-profile | user-role | vlan | work-directory }
*
View
Local user view, user group view
Default level
3: Manage level
Parameters
acl acl-number: Specifies the authorization ACL. The ACL number must be in the range 2000 to 5999.
After passing authentication, a local user is authorized to access the network resources specified by this
ACL.
idle-cut minute: Sets the idle timeout period. With the idle cut function enabled, an online user whose idle
period exceeds the specified idle timeout period will be logged out. minute indicates the idle timeout
period, in the range 1 to 120 minutes.
level level: Specifies the user level, which can be 0 for visit level, 1 for monitor level, 2 for system level,
and 3 for manage level. A smaller number means a lower level. If the user interfaces' authentication
mode is scheme, which commands users can use after login in depends on this argument. By default, the
user level is 0, and users can use only commands of level 0 after login.
user-profile profile-name: Specifies the authorization user profile. profile-name is a case-sensitive string
of 1 to 32 characters. It can consist of English letters, digits, and underlines, and must start with an
English letter. After a user passes authentication and gets online, the switch uses the settings in the user
profile to restrict the access behavior of the user.
user-role security-audit: Specifies the role of the local user as security-audit. Users with different roles
can access different levels of commands. security-audit is used to specify the user as a security log
administrator. After passing authentication, a security log administrator is allowed to perform operations
to the security log files, such as saving operation. This attribute is supported in local user view only. For
more information about the commands that a security log administrator can use, see the Network
Management and Monitoring Configuration Guide.
vlan vlan-id: Specifies the authorized VLAN. vlan-id is in the range 1 to 4094. After passing
authentication, a local user can access the resources in this VLAN.
work-directory directory-name: Specifies the work directory, if the user or users use the FTP or SFTP
service. directory-name is a case-insensitive string of 1 to 135 characters. The directory must already
exist.
Description
Use the authorization-attribute command to configure authorization attributes for the local user or user
group. After the local user or a local user of the user group passes authentication, the device will assign
these attributes to the user.
Use the undo authorization-attribute command to remove authorization attributes.
By default, no authorization attribute is configured for a local user or user group.
27
- Quick Links:
- Command Reference
Hide quick links:
Advertisement
Table of Contents
