AAA Commands 251
Syntax
authorization {commands|exec } [default|
list_name
]
no authorization {commands|exec }
Parameter Description
Default Configuration
Authorization is not enabled on any line method by default.
Command Mode
Line console, line telnet, line SSH
User Guidelines
When command authorization is configured for a line-mode, the switch
sends information about the entered command to the method specified in
the command list. The authorization method validates the received
command and responds with either a PASS or FAIL response. If approved, the
command is executed. Otherwise, the command is denied and an error
message is shown to the user. If contact with the authorization method fails,
then the next method in the list is attempted.
Examples
Use the following command to enable TACACS command authorization for
telnet.
Parameter Description
commands Perform authorization for each command entered by the user.
exec Perform EXEC authorization for the user (authorization
required to enter privileged EXEC mode).
default The default list of methods for command authorization
(cmdAuthList).
list_name Character string used to name the list of authorization
methods. The list name can consist of any printable character.
Use quotes around the list name if embedded blanks are
contained in the list name.
2CSPC4.X8100-SWUM102.book Page 251 Friday, March 15, 2013 8:56 AM