Switching to a specific user level, Configuration example – H3C Technologies H3C S3100 Series Switches User Manual
Page 19
1-6
Operation
Command
Description
Enter system view
system-view
—
Enter ISP domain view
domain domain-name
—
Set the HWTACACS
authentication scheme for
user level switching
authentication super
hwtacacs-scheme
hwtacacs-scheme-name
Required
By default, the HWTACACS
authentication scheme for user level
switching is not set.
When setting the HWTACACS authentication scheme for user level switching using the authentication
super hwtacacs-scheme command, make sure the HWTACACS authentication scheme identified by
the hwtacacs-scheme-name argument already exists. Refer to AAA Operation for information about
HWTACACS authentication scheme.
Switching to a specific user level
Follow these steps to switch to a specific user level:
Operation
Command
Remarks
Switch to a specified user level
super [ level ]
Required
Execute this command in user view.
z
If no user level is specified in the super password command or the super command, level 3 is
used by default.
z
For security purpose, the password entered is not displayed when you switch to another user level.
You will remain at the original user level if you have tried three times but failed to enter the correct
authentication information.
Configuration example
After a general user telnets to the switch, his/her user level is 0. Now, the network administrator wants to
allow general users to switch to level 3, so that they are able to configure the switch.
1) Super password authentication configuration example
z
The administrator configures the user level switching authentication policies.
# Set the user level switching authentication mode for VTY 0 users to super password authentication.
[Sysname] user-interface vty 0
[Sysname-ui-vty0] super authentication-mode super-password
[Sysname-ui-vty0] quit