R21xx-HP FlexFabric 11900 Fundamentals Configuration Guide
51
Perform the following task in user view:
Task Command
Remarks
Switch the user role. super [ rolename]
The user role switching fails after three consecutive
unsuccessful password attempts.
Displaying RBAC settings
Execute display commands in any view.
Task Command
Display user role information. display role [ name role-name ]
Display user role feature
information.
display role feature [ name feature-name | verbose ]
Display user role feature group
information.
display role feature-group [ name feature-group-name ] [ verbose ]
RBAC configuration examples
RBAC configuration example for local AAA authentication
users
Unless otherwise noted, devices in the configuration example are operating in non-FIPS mode.
Network requirements
The switch in Figure 23 performs local AAA authentication for the Telnet user at 192.168.1.58. This Telnet
user has the username user1@bbb and is assigned the user role role1.
Configure role1 to have the following permissions:
• Executes the read commands of any feature.
• Configures no VLANs except VLANs 10 to 20.
Figure 23 Network diagram
Configuration procedure
# Assign an IP address to VLAN interface 2, the interface connected to the Telnet user.
<Switch> system-view
[Switch] interface vlan-interface 2
[Switch-Vlan-interface2] ip address 192.168.1.70 255.255.255.0
[Switch-Vlan-interface2] quit