ADTRAN 1000R Series User Manual

Command Reference Guide

Global Configuration Mode Command Set

61200510L1-35E

Copyright © 2005 ADTRAN

336

aaa authorization commands <level> [<listname> | default] [group

<groupname> | group tacacs+ | if-authenticated | none]

Use aaa authorization commands to create (or change) a list of methods for user authorization. For more
detailed information on AAA functionality, refer to the Technology Review section of the command aaa on

on page 340

.

Syntax Description

<level>

Specifies the commands enable level. (1=unprivileged, 15 = privileged).

<listname>

Specifies the name of the authorization list.

default

Specifies the default authorization list and applies it implicitly across all lines.

group <groupname>

Uses the specified group of remote servers for authorization.

group tacacs+

Uses all defined TACACS+ servers for authorization.

if-authenticated

Succeeds if user has authenticated.

none

Access automatically granted.

Default Values

The authorization list named default is the default list used to authorize commands when no other list is
assigned to the line.

Applicable Platforms

This command applies to the NetVanta 300, 1000, 1000R, 2000, 3000, 4000, and 5000 and
Total Access 900 Series units.

Command History

Release 11.1

Command was introduced.

Usage Examples

The following command creates a list called myList to authorize unprivileged commands (which succeeds
only if the user has been authenticated successfully):

(config)#aaa authorization commands 1 myList if-authenticated

The following command uses the default list to authorize privileged (level 15) commands against the
defined TACACS+ servers:

(config)#aaa authorization commands 15 default group tacacs+