Users Guide

Role-Based Access Control Commands

With Role-Based Access Control (RBAC), access and authorization is controlled based on a user’s role. Users

are granted permissions based on their user roles, not on their individual user ID. User roles are created for

job functions and through those roles they acquire the permissions to perform their associated job function.

This section describes the syntax and usage of RBAC-specific commands. You can find information on other

related security commands in this chapter:

• aaa accounting

• aaa authentication login

• aaa authorization commands

• authorization

• show accounting

• show users

• username

aaa authorization role-only

Configure authentication to use the user’s role only when determining if access to commands is permitted.

Syntax

aaa authorization role-only

To return to the default setting, use the no aaa authentication role-only

command.

Parameters

name Enter a text string for the name of the user up to 63 characters.

It cannot be one of the system defined roles (sysadmin,

secadmin, netadmin, netoperator).

inherit existing-

role-name

Enter the inherit keyword then specify the system defined

role to inherit permissions from (sysadmin, secadmin, netadmin,

netoperator).

Defaults none

Command Modes CONFIGURATION

Command History

This guide is platform-specific. For command information about other platforms, see

the relevant Dell Networking OS Command Line Reference Guide.

Version Description

9.10(0.1) Introduced on the S6010-ON and S4048T-ON.

9.8(1.0) Introduced on the Z9100-ON.

Security 1820