| To do… | Use the command… | Remarks |
|---|---|---|
| Enable command accounting | command accounting | Optional. By default, command accounting is disabled. The accounting server does not record the commands executed by users. Command accounting allows the HWTACACS server to record all executed commands that are supported by the device, regardless of the command execution result. This helps control and monitor user operations on the device. If command accounting is enabled and command authorization is not enabled, every executed command is recorded on the HWTACACS server. If both command accounting and command authorization are enabled, only the authorized and executed commands are recorded on the HWTACACS server. Configure the AAA accounting server before enabling command accounting. |
| Exit to system view | quit | |
| Configure the authentication mode: enter the default ISP domain view | domain domain-name | Optional. By default, the AAA scheme is local. If you specify the local AAA scheme, perform the configuration concerning local user as well. If you specify an existing scheme by providing the radius-scheme-name argument, perform the following configuration as well: For RADIUS and HWTACACS configuration, see the Security Configuration Guide. Configure the username and password on the AAA server. (For more information, see the Security Configuration Guide.) |
| Configure the authentication mode: apply the specified AAA scheme to the domain | authentication default { hwtacacs-scheme hwtacacs-scheme-name [ local ] \| local \| none \| radius-scheme radius-scheme-name [ local ] } | |
| Configure the authentication mode: return to system view | quit | |
| Create a local user and enter local user view | local-user user-name | Required. By default, no local user exists. |
| Set the authentication password for the local user | password { cipher \| simple } password | Required |
| Specify the command level of the local user | authorization-attribute level level | Optional. By default, the command level is 0. |
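
An added example, not from the original guide: a Python check that reads a saved configuration and reports, per user interface, which commands reach the HWTACACS server under the rules in the command accounting remarks, and flags local users whose password was set with `simple`. The sample configuration is constructed, and the `user-interface` section headers, the `command authorization` line and the indented-section layout are assumptions about the device's saved configuration.

```python
# Added example: audit a saved configuration for the settings in the table.
# Assumption: sections start at an unindented header line, their commands are
# indented, and "command accounting" sits under a "user-interface" section.
SAMPLE_CONFIG = """\
#
local-user admin
 password simple Constructed123
 authorization-attribute level 3
#
user-interface aux 0
#
user-interface vty 0 4
 command authorization
 command accounting
#
user-interface vty 5 15
 command accounting
#
"""  # constructed sample, not taken from a real device


def parse_sections(text):
    """Map each unindented section header to its indented commands."""
    sections, current = {}, None
    for line in text.splitlines():
        if not line.strip() or line.strip() == "#":
            current = None
        elif not line[0].isspace():
            current = sections.setdefault(line.strip(), [])
        elif current is not None:
            current.append(line.strip())
    return sections


def audit(text):
    """Return (section, finding) pairs for the settings the table covers."""
    findings = []
    for header, cmds in parse_sections(text).items():
        kind = header.split()[0]
        if kind == "user-interface":
            if "command accounting" not in cmds:  # default: disabled
                findings.append((header, "no commands recorded"))
            elif "command authorization" in cmds:
                findings.append((header, "only authorized and executed commands recorded"))
            else:
                findings.append((header, "every executed command recorded"))
        elif kind == "local-user" and any(c.startswith("password simple ") for c in cmds):
            findings.append((header, "password set with simple (plaintext form)"))
    return findings
```

Calling `audit(SAMPLE_CONFIG)` returns one finding per user interface plus one for the `admin` local user.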

 

 

 

 

 

 

 
