CLI Reference Guide

ManualsBrandsDell ManualsServerPowerEdge M805

131

132

133

134

135

136

137

138

139

140

98 AAA Commands

www.dell.com | support.dell.com

User Guidelines

The default and optional list names created with the

aaa authentication enable

command are

used with the

enable authentication

command.

Create a list by entering the

aaa

authentication enable

list-name method

command where

list-name

is any character string used to name this list. The

method

argument identifies the

list of methods that the authentication algorithm tries, in the given sequence.

The additional methods of authentication are used only if the previous method returns an

error, not if it fails. To ensure that the authentication succeeds even if all methods return an

error, specify

none

as the final method in the command line. For example, if

none

is specified

as an authentication method after

radius

, no authentication is used if the RADIUS server is

down.

NOTE: Requests sent by the switch to a RADIUS or TACACS server include the username "$enabx$.",

where x is the requested privilege level. For login to be authenticated on Radius and TACACS+ servers,

add "$enabx$" users to them.

Example

The following example sets authentication when accessing higher privilege levels.

console(config)# aaa authentication enable default enable

aaa authentication login

Use the

aaa authentication login

command in Global Configuration mode to set authentication at

form of this command.

Syntax

aaa authentication login

{

default

list-name

}

method1

[

method2...

]

no aaa authentication login

{

default

list-name

}

•

default

—Uses the listed authentication methods that follow this argument as the default

list of methods when a user logs in.

•

list-name

—Character string used to name the list of authentication methods activated

when a user logs in. (Range: 1-12 characters)

•

method1

[

method2

...]—Specify at least one from the following table:

Keyword Source or destination

enable Uses the enable password for authentication.

line Uses the line password for authentication.

local Uses the local username database for authentication.

none Uses no authentication.