Related commands
• authentication default
• hwtacacs scheme
• ldap scheme
• local-user
• radius scheme
authentication super
Use authentication super to specify the authentication method for user role switching.
Use undo authentication super to restore the default.
Syntax
authentication super { hwtacacs-scheme hwtacacs-scheme-name | radius-scheme radius-scheme-name }
*
undo authentication super
Default
The default authentication method of the ISP domain is used for user role switching authentication.
Views
ISP domain view
Predefined user roles
network-admin
Parameters
hwtacacs-scheme hwtacacs-scheme-name: Specifies an HWTACACS scheme by its name, a
case-insensitive string of 1 to 32 characters.
radius-scheme radius-scheme-name: Specifies a RADIUS scheme by its name, a case-insensitive string of
1 to 32 characters.
Usage guidelines
You can specify one authentication method and one backup authentication method to use in case that
the previous authentication method is invalid.
If you specify a scheme to provide the method for user role switching authentication, the method applies
only to users whose user role is in the format of level-n.
• If an HWTACACS scheme is specified, the device uses the entered username for role switching
authentication. The username must already exist on the HWTACACS server to represent the highest
user level to be switched to. For example, to switch to a level-3 user role whose username is test, the
device uses test@domain-name or test for role switching authentication, depending on whether the
domain name is required.
11
To Next Page
Loading...
Need help?
General
