Configuring aaa authorization, Figure 179 dis – Brocade 6910 Ethernet Access Switch Configuration Guide (Supporting R2.2.0.0) User Manual
Page 914
858
Brocade 6910 Ethernet Access Switch Configuration Guide
53-1002651-02
42
AAA Authentication, Authorization and Accounting
FIGURE 179
Displaying Statistics for AAA Accounting Sessions
Configuring AAA Authorization
Use the Security > AAA > Authorization page to enable authorization of requested services, and
also to display the configured authorization methods, and the methods applied to specific
interfaces.
CLI References
•
Command Usage
•
This feature performs authorization to determine if a user is allowed to run an Exec shell.
•
AAA authentication through a RADIUS or TACACS+ server must be enabled before authorization
is enabled.
Parameters
These parameters are displayed:
Configure Method
•
Authorization Type – Specifies the service as Exec, indicating administrative authorization for
local console, Telnet, or SSH connections.
•
Method Name – Specifies an authorization method for service requests. The “default” method
is used for a requested service if no other methods have been defined. (Range: 1-64
characters)
•
Server Group Name - Specifies the authorization server group. (Range: 1-64 characters)
The group name “tacacs+” specifies all configured TACACS+ hosts (see
Local/Remote Logon Authentication”
on page 848). Any other group name refers to a server
group configured on the TACACS+ Group Settings page. Authorization is only supported for
TACACS+ servers.
Configure Service
•
Console Method Name – Specifies a user defined method name to apply to console
connections.
•
Telnet Method Name – Specifies a user defined method name to apply to Telnet connections.
Show Information
•
Authorization Type - Displays the authorization service.
•
Method Name - Displays the user-defined or default accounting method.
•
Server Group Name - Displays the authorization server group.