Navigation
Table of Contents
Guide That Contains This Content
[+] Expand All
[-] Collapse All
aaa authorization
Syntax
aaa authorization { exec | commands level } authorListName authMethod
[ authMethod ]*
no aaa authorization { exec | commands level } authorListName
Release Information
Command introduced before JunosE Release 7.1.0.
Description
Sets parameters that restrict a user's access to a network. The no version disables authorization for a function.
Options
- exec—Runs authorization to determine if the user is allowed to run Exec mode commands
- level—Privilege level of commands for which authorization is run; in the range 0–15
- authorListName—Name of the authorization methods list of up to 32 characters
- authMethod—Authorization method
lists define the way authorization is performed and the sequence in
which the methods are performed. You can designate one or more security
protocols in the method list to be used for authorization. If the
initial method fails, the next method in the list is used. The process
continues until either there is successful communication with a listed
authorization method or all methods defined are exhausted:
- if-authenticated—Allows the user to access the requested function if the user is authenticated
- none—NAS does not request authorization information; authorization is not performed over this line
- tacacs+—NAS exchanges authorization information with the TACACS+ security daemon
Note: For information about TACACS+, see JunosE Broadband Access Configuration Guide.
- *—Indicates that one or more parameters can be repeated multiple times in a list in the command line
Mode
Global Configuration
