Cisco Systems XR manual Task, Write, Execute, Debug, SR-89

Page 89

Authentication, Authorization, and Accounting Commands on Cisco IOS XR Software

task

task

To add a task ID to a task group, use the task command in task group configuration mode. To remove a task ID from a task group, use the no form of this command.

task {read write execute debug} taskid-name

no task {read write execute debug} taskid-name

Syntax Description

read

Enables read-only privileges for the named task ID.

 

write

Enables write privileges for the named task ID. The term “write” implies read also.

 

 

 

 

execute

Enables execute privileges for the named task ID.

 

 

 

 

debug

Enables debug privileges for the named task ID.

 

 

 

 

taskid-name

Name of the task ID.

 

 

 

Defaults

Command Modes

Command History

No task IDs are assigned to a newly created task group.

Task group configuration

Release

Modification

Release 2.0

This command was introduced on the Cisco CRS-1.

 

 

Release 3.0

No modification.

 

 

Release 3.2

This command was supported on the Cisco XR 12000 Series Router.

 

 

Release 3.3.0

No modification.

 

 

Usage Guidelines

 

To use this command, you must be in a user group associated with a task group that includes the proper

 

 

task IDs. For detailed information about user groups and task IDs, see the Configuring AAA Services on

 

 

Cisco IOS XR Software module of the Cisco IOS XR System Security Configuration Guide.

 

 

Use the task command in task group configuration mode. To access task group configuration mode, use

 

 

the taskgroup command in global configuration mode.

 

 

 

 

 

Task ID

 

Task ID

Operations

 

 

 

 

 

 

 

 

aaa

read, write

 

 

 

 

 

 

 

 

 

Examples

 

The following example shows how to enable execute privileges for the config-services task ID and

 

 

associate that task ID with the task group named taskgroup1:

RP/0/RP0/CPU0:router# configure

RP/0/RP0/CPU0:router(config)# taskgroup taskgroup1

RP/0/RP0/CPU0:router(config-tg)# task execute config-services

Cisco IOS XR System Security Command Reference

SR-89

Image 89
Contents SR-1 SR-2 Aaa accountingSR-3 Creates a method list to be used for authorizationAaa Read, write SR-4 Aaa accounting system defaultSR-5 Creates a method list for authenticationCreates a method list for authorization SR-6 Aaa authenticationSR-7 Radius, group named-group,local, or line optionsCreates a method list for accounting SR-8 Command DescriptionNetwork Aaa authorizationLocal SR-9SR-10 SR-11 Which specifies that TACACS+ authorization is usedSR-12 Aaa default-taskgroupSR-13 Aaa group server radiusSR-14 Comprises three member serversSR-15 Aaa group server tacacs+SR-16 SR-17 Aaa accounting commandAccounting SR-18 List named listname2 on a line template named configureSR-19 AuthorizationAuthorization command SR-20 Listname4 on a line template named configureSR-21 Deadtime server-group configurationDeadtime minutes no deadtime SR-22 Related Commands DescriptionSR-23 Description AAADescription string No description SR-24 TaskgroupSR-25 GroupSR-26 Task ID ExamplesSR-27 Inherit taskgroupSR-28 SR-29 Inherit usergroupInherit usergroup usergroup-name SR-30 Sales user groupSR-31 Login authenticationAuthentication login command SR-32 SR-33 Password AAAPassword 0 7 password No password 0 7 password SR-34 SR-35 Radius-server dead-criteria timeSR-36 SR-37 Radius-server dead-criteria triesSR-38 Dead-criteria timeSR-39 Radius-server deadtimeRadius-server deadtime minutes No radius-server deadtime SR-40 Radius-server host Timeout secondsRetransmit retries SR-41SR-42 SR-43 SR-44 Radius-server keySR-45 Specifies a Radius server hostSR-46 Radius-server retransmitSR-47 Radius-server timeoutRadius-server timeout seconds No radius-server timeout SR-48 Radius source-interfaceSR-49 Outgoing Radius packetsSR-50 SecretSecret 0 5 secret no secret 0 5 secret SR-51 SR-52 Server RadiusSR-53 SR-54 Server TACACS+SR-55 Groups different TACACS+ server hosts into distinct listsSR-56 Show aaaAaa usergroup operator SR-57SR-58 SR-59 Displays task IDs enabled for the currently logged-in userShow radius If no radius servers are configured, no output is displayedShow radius SR-60SR-61 Field DescriptionSR-62 Show radius accountingShow radius accounting SR-63 Show radius authenticationSR-64 Show radius authenticationShow radius authentication SR-65 Show radius accountingSR-66 Show radius clientShow radius client SR-67 SR-68 Show radius dead-criteriaSR-69 Show radius server-groups No default behavior or valuesShow radius server-groups SR-70SR-71 Field DescriptionSR-72 Show tacacsShow tacacs SR-73 SR-74 Show tacacs server-groupsShow tacacs server-groups SR-75 SR-76 Show task supportedShow task supported Ouni pkg-mgmt pos-dpt ppp SR-77SR-78 Show userUser all SR-79SR-80 SR-81 SR-82 Tacacs-server hostSR-83 SR-84 Tacacs-server keyTacacs-server key key-nameno tacacs-server key SR-85 Specifies a TACACS+ hostSR-86 Tacacs-server timeoutTacacs-server timeout seconds No tacacs-server timeout SR-87 Tacacs source-interfaceSR-88 Aaa group server radiusWrite TaskExecute DebugSR-90 SR-91 TaskgroupSR-92 Creates a task group description in task configuration modeAdds a task ID to a task group SR-93 Timeout login responseSR-94 Enables AAA authentication for loginsSR-95 UsergroupSR-96 Creates a description of a task group during configurationSR-97 UsernameCreates a login password for a user Defines a method list for authenticationAdds a user to a group SR-98SR-99 Users groupSR-100 Given operator privileges