Cisco Systems XR manual Listname4 on a line template named configure, SR-20

Page 20

Authentication, Authorization, and Accounting Commands on Cisco IOS XR Software

authorization

Examples		The following example shows how to enable command authorization using the method list named
		listname4 on a line template named configure:
		RP/0/RP0/CPU0:router# configure
		RP/0/RP0/CPU0:router(config)# line template configure
		RP/0/RP0/CPU0:router(config-line)# authorization commands listname4

Related Commands		Command	Description

		aaa authorization	Creates a method list for authorization.

Cisco IOS XR System Security Command Reference

SR-20

Image 20

Contents SR-1 Aaa accounting SR-2SR-3 Creates a method list to be used for authorizationAaa Read, write Aaa accounting system default SR-4SR-5 Creates a method list for authenticationCreates a method list for authorization Aaa authentication SR-6SR-7 Radius, group named-group,local, or line optionsCreates a method list for accounting Command Description SR-8Aaa authorization NetworkLocal SR-9SR-10 Which specifies that TACACS+ authorization is used SR-11Aaa default-taskgroup SR-12Aaa group server radius SR-13Comprises three member servers SR-14Aaa group server tacacs+ SR-15SR-16 SR-17 Aaa accounting commandAccounting List named listname2 on a line template named configure SR-18SR-19 AuthorizationAuthorization command Listname4 on a line template named configure SR-20SR-21 Deadtime server-group configurationDeadtime minutes no deadtime Related Commands Description SR-22SR-23 Description AAADescription string No description Taskgroup SR-24Group SR-25Task ID Examples SR-26Inherit taskgroup SR-27SR-28 SR-29 Inherit usergroupInherit usergroup usergroup-name Sales user group SR-30SR-31 Login authenticationAuthentication login command SR-32 SR-33 Password AAAPassword 0 7 password No password 0 7 password SR-34 Radius-server dead-criteria time SR-35SR-36 Radius-server dead-criteria tries SR-37Dead-criteria time SR-38SR-39 Radius-server deadtimeRadius-server deadtime minutes No radius-server deadtime SR-40 Timeout seconds Radius-server hostRetransmit retries SR-41SR-42 SR-43 Radius-server key SR-44Specifies a Radius server host SR-45Radius-server retransmit SR-46SR-47 Radius-server timeoutRadius-server timeout seconds No radius-server timeout Radius source-interface SR-48Outgoing Radius packets SR-49SR-50 SecretSecret 0 5 secret no secret 0 5 secret SR-51 Server Radius SR-52SR-53 Server TACACS+ SR-54Groups different TACACS+ server hosts into distinct lists SR-55Show aaa SR-56SR-57 Aaa usergroup operatorSR-58 Displays task IDs enabled for the currently logged-in user SR-59If no radius servers are configured, no output is displayed Show radiusShow radius SR-60Field Description SR-61SR-62 Show radius accountingShow radius accounting Show radius authentication SR-63SR-64 Show radius authenticationShow radius authentication Show radius accounting SR-65SR-66 Show radius clientShow radius client SR-67 Show radius dead-criteria SR-68SR-69 No default behavior or values Show radius server-groupsShow radius server-groups SR-70Field Description SR-71SR-72 Show tacacsShow tacacs SR-73 SR-74 Show tacacs server-groupsShow tacacs server-groups SR-75 SR-76 Show task supportedShow task supported SR-77 Ouni pkg-mgmt pos-dpt pppShow user SR-78SR-79 User allSR-80 SR-81 Tacacs-server host SR-82SR-83 SR-84 Tacacs-server keyTacacs-server key key-nameno tacacs-server key Specifies a TACACS+ host SR-85SR-86 Tacacs-server timeoutTacacs-server timeout seconds No tacacs-server timeout Tacacs source-interface SR-87Aaa group server radius SR-88Task WriteExecute DebugSR-90 Taskgroup SR-91SR-92 Creates a task group description in task configuration modeAdds a task ID to a task group Timeout login response SR-93Enables AAA authentication for logins SR-94Usergroup SR-95Creates a description of a task group during configuration SR-96Username SR-97Defines a method list for authentication Creates a login password for a userAdds a user to a group SR-98Users group SR-99Given operator privileges SR-100