Cisco Systems XR manual Usergroup, SR-95

Authentication, Authorization, and Accounting Commands on Cisco IOS XR Software

usergroup

usergroup

To configure a user group and associate it with a set of task groups, and to enter user group configuration mode, use the usergroup command in global configuration mode. To delete a user group, or to delete a task-group association with the specified user group, use the no form of this command.

usergroup usergroup-name[description string taskgroup taskgroup-nameinherit usergroup usergroup-name]

no usergroup usergroup-name[description string taskgroup taskgroup-nameinherit

inherit usergroup usergroup-name(Optional) Copies permissions from another user group.

Usage Guidelines To use this command, you must be in a user group associated with a task group that includes the proper task IDs. For detailed information about user groups and task IDs, see the Configuring AAA Services on Cisco IOS XR Software module of the Cisco IOS XR System Security Configuration Guide.

User groups are configured with the command parameters for a set of users, such as task groups. You can remove specific user groups by using the no form of the usergroup command. You can remove the user group itself by using the no form of the command without giving any parameters. Deleting a user group that is still referenced in the system results in a warning and a rejection of the deletion.

Use the inherit usergroup command to copy permissions from other user groups. The user group is inherited by the parent group and forms a union of all task IDs specified in those groups. Cyclic inclusions are detected and rejected. User groups cannot inherit properties from predefined groups, such as root-system and owner-sdr.

Cisco IOS XR System Security Command Reference

SR-95