beautypg.com

Configuring aaa authorization, Figure 179 dis – Brocade 6910 Ethernet Access Switch Configuration Guide (Supporting R2.2.0.0) User Manual

Page 914

background image

858

Brocade 6910 Ethernet Access Switch Configuration Guide

53-1002651-02

42

AAA Authentication, Authorization and Accounting

FIGURE 179

Displaying Statistics for AAA Accounting Sessions

Configuring AAA Authorization

Use the Security > AAA > Authorization page to enable authorization of requested services, and
also to display the configured authorization methods, and the methods applied to specific
interfaces.

CLI References

“AAA”

on page 151

Command Usage

This feature performs authorization to determine if a user is allowed to run an Exec shell.

AAA authentication through a RADIUS or TACACS+ server must be enabled before authorization
is enabled.

Parameters
These parameters are displayed:

Configure Method

Authorization Type – Specifies the service as Exec, indicating administrative authorization for
local console, Telnet, or SSH connections.

Method Name – Specifies an authorization method for service requests. The “default” method
is used for a requested service if no other methods have been defined. (Range: 1-64
characters)

Server Group Name - Specifies the authorization server group. (Range: 1-64 characters)
The group name “tacacs+” specifies all configured TACACS+ hosts (see

“Configuring

Local/Remote Logon Authentication”

on page 848). Any other group name refers to a server

group configured on the TACACS+ Group Settings page. Authorization is only supported for
TACACS+ servers.

Configure Service

Console Method Name – Specifies a user defined method name to apply to console
connections.

Telnet Method Name – Specifies a user defined method name to apply to Telnet connections.

Show Information

Authorization Type - Displays the authorization service.

Method Name - Displays the user-defined or default accounting method.

Server Group Name - Displays the authorization server group.