Aaa authorization exec – LevelOne FGL-2870 User Manual

Command Line Interface

4-130

4

Command Mode

Line Configuration

Example

aaa authorization exec

This command enables the authorization for Exec access. Use the no form to
disable the authorization service.

Syntax

aaa authorization exec {default | method-name} group {tacacs+

| server-group}

no aaa authorization exec {default | method-name}

• default - Specifies the default authorization method for Exec access.
• method-name - Specifies an authorization method for Exec access.

(Range: 1-255 characters)

• group - Specifies the server group to use.

- tacacs+ - Specifies all TACACS+ hosts configured with the

tacacs-server host command described on page 4-120.

- server-group - Specifies the name of a server group configured with the

aaa group server command described on 4-123.
(Range: 1-255 characters)

Default Setting

Authorization is not enabled
No servers are specified

Command Mode

Global Configuration

Command Usage

• This command performs authorization to determine if a user is allowed to run

an Exec shell.

• AAA authentication must be enabled before authorization is enabled.
• If this command is issued without a specified named method, the default

method list is applied to all interfaces or lines (where this authorization type
applies), except those that have a named method explicitly defined.

Example

Console(config)#line console
Console(config-line)#accounting commands 15 default
Console(config-line)#

Console(config)#aaa authorization exec default group tacacs+
Console(config)#