Security e-Series
1745793 Members
3739 Online
108722 Solutions
New Discussion

Additional Privileges for operator group on HP Procurves?

 
Dan_Scherck
New Member

Additional Privileges for operator group on HP Procurves?

I can't seem to find any real information in the HP documentation about the aaa authorization group commands.

I would like to allow a utility user account to be able to do a copy command to an sftp server for automated backup and version control of our switches.

 

(We already have PCM+ 4.x but it doesn't provide quite the depth or granularity that we want.)

 

Is this possible? If so, how? We have a NAS server (Microsoft 2008 R2) providing Radius authentication, and have it configured already for operator / manager authorization. However, we don't want a script running that has the password for a manager-level domain account just lying around on the server.

 

Ideas?

 

Goal:

service account user can use SCP to directly copy out the running-config file from the switch without having full enable mode privileges.

 

Secondary goal:

Failing that, the service account user can do a "show running-config" command without having full enable mode privileges.

 

Thanks in advance!

1 REPLY 1
Dan_Scherck
New Member

Re: Additional Privileges for operator group on HP Procurves?