Switches, Hubs, and Modems
cancel
Showing results for 
Search instead for 
Did you mean: 

Add users and change Privilege Level on 5406zl Switch

RRosas
Occasional Advisor

Add users and change Privilege Level on 5406zl Switch

Hi.

I wish to add more than 1 user with operator privileges.

Then I want to change the privilege level so that user can execute certain commands, such as show run, but cannot perform any configuration.

Can I perform this task on these switches?
5 REPLIES
Marco Wessel
Valued Contributor

Re: Add users and change Privilege Level on 5406zl Switch

The only way to do this, so far as I know, is to use RADIUS or TACACS(+) authentication.
RRosas
Occasional Advisor

Re: Add users and change Privilege Level on 5406zl Switch

Using an external RADIUS or TACACS server?
Marco Wessel
Valued Contributor

Re: Add users and change Privilege Level on 5406zl Switch

Yes, seeing has how the switches don't have these on-board.
Ralf Krause
Frequent Advisor

Re: Add users and change Privilege Level on 5406zl Switch

That's right, Command Authorization is available through RADIUS authentication only.

You can find the feature description in the "Access Security Guide" in chapter 6:
http://cdn.procurve.com/training/Manuals/3500-5400-6200-6600-8200-ASG-Sept09-6-RADIUS.pdf

You also should be familiar with standard regular expressions.
(http://www.zytrax.com/tech/web/regex.htm)

A sample set of user permissions could look as follows:

^conf.; ^show.; speed-duplex.; ^ping; ^traceroute.; ^vlan [1-9][0-9]*$ ; ^untag.; ^wr.; ^en.; ^int.*[1-9][0-9]*$; ^name.; clear st. ; ^dis.; ^ena.; ^flow-c.; ^mdix-m.; ^reload
RRosas
Occasional Advisor

Re: Add users and change Privilege Level on 5406zl Switch

Thanks a lot for your help guys.