Authentication, Authorization, and Accounting Commands on Cisco IOS XR Software
aaa authorization
aaa authorization
To create a method list for authorization, use the aaa authorization command in global configuration mode. To disable authorization for a function, use the no form of this command.
aaaauthorization {commands exec network} {default
no aaa authorization {commands exec network} {default
Syntax Description
Defaults
Command Modes
Command History
commands | Configures authorization for all EXEC shell commands. |
exec | Configures authorization for an interactive (EXEC) session. |
|
|
network | Configures authorization for network services, such as PPP or Internet Key |
| Exchange (IKE). |
|
|
default | Uses the listed authorization methods that follow this keyword as the default list |
| of methods for authorization. |
|
|
Character string used to name the list of authorization methods. | |
|
|
none | Uses no authorization. If you specify none, no subsequent authorization methods |
| is attempted. However, the task ID authorization is always required and cannot be |
| disabled. |
|
|
local | Uses local authorization. This method of authorization is not available for |
| command authorization. |
|
|
group tacacs+ | Uses the list of all configured TACACS+ servers for authorization. |
|
|
group radius | Uses the list of all configured RADIUS servers for authorization. This method of |
| authorization is not available for command authorization. |
|
|
group | Uses a named subset of TACACS+ or RADIUS servers for authorization as |
| defined by the aaa group server tacacs+ or aaa group server radius command. |
|
|
Authorization is disabled for all actions (equivalent to the method none keyword).
Global configuration
Release | Modification |
Release 2.0 | This command was introduced on the Cisco |
|
|
Release 3.0 | No modification. |
|
|
Release 3.2 | This command was supported on the Cisco XR 12000 Series Router. |
|
|
Release 3.3.0 | No modification. |
|
|
Usage Guidelines To use this command, you must be in a user group associated with a task group that includes the proper task IDs. For detailed information about user groups and task IDs, see the Configuring AAA Services on Cisco IOS XR Software module of the Cisco IOS XR System Security Configuration Guide.
Cisco IOS XR System Security Command Reference
