To enable AAA authorization for a specific line or group of lines, use the authorization line configuration command. Use the no form of this command to disable authorization.
authorization {arap | commands level | exec | reverse-access } [default | list-name]
no authorization {arap | commands level | exec | reverse-access } [default | list-name]
arap Enables authorization for line(s) configured for AppleTalk Remote Access (ARA) protocol.
commands Enables authorization on the selected line(s) for all commands at the specified privilege level.
level Specific command level to be authorized. Valid entries are0 through 15.
exec Enables authorization to determine if the user is allowed to run an EXEC shell on the selected line(s).
reverse-access Enables authorization to determine if the user is allowed reverse access privileges.
default (Optional) The name of the default method list, created with the aaaauthorizationcommand.
list-name (Optional) Specifies the name of a list of authorization methods to use. If no list name is specified, the system uses the default. The list is created with the aaa authorization command.
Authorization is not enabled.
Line configuration
| Release | Modification | 11.3 T | This command was introduced. |
|---|
After you enable the aaa authorization command and define a named authorization method list (or use the default method list) for a particular type of authorization, you must apply the defined lists to the appropriate lines for authorization to take place. Use the authorization command to apply the specified method lists (or if none is specified, the default method list) to the selected line or group of lines.
The following example enables command authorization (for level 15) using the method list named charlie on line 10:
line 10 authorization commands 15 charlie
| Command | Description |
|---|---|
| aaa authorization | Sets parameters that restrict network access to a user. |
Printed for apswan@ctr.ap.nic.in on Wed Mar 5 22:32:57 PST 2003
All material in this document copyright 2000 Cisco Systems, Inc. All rights reserved. No material may be reproduced or distributed without written permission of Cisco Systems, Inc.