< Home

authorization-scheme (AAA domain view)

Function

The authorization-scheme command applies an authorization scheme to a domain.

The undo authorization-scheme command unbinds an authorization scheme from a domain.

By default, no authorization scheme is applied to a domain.

Format

authorization-scheme authorization-scheme-name

undo authorization-scheme

Parameters

Parameter

Description

Value

authorization-scheme-name

Specifies the name of an authorization scheme.

The authorization scheme must already exist.

Views

AAA domain view

Default Level

3: Management level

Usage Guidelines

Usage Scenario

RADIUS integrates authentication and authorization; therefore, RADIUS authorization and authentication must be used together. HWTACACS separates authentication from authorization; therefore, you can configure another authorization type even if HWTACACS authentication, local authentication, or non-authentication is used.

To authorize users in a domain, run the authorization-scheme (AAA domain view) command.

Prerequisites

An authorization scheme has been created and configured with required parameters, for example, the authorization mode and command line authorization.

Example

# Apply the authorization scheme author1 to the domain isp1.

<HUAWEI> system-view
[HUAWEI] aaa
[HUAWEI-aaa] authorization-scheme author1
[HUAWEI-aaa-author-author1] quit
[HUAWEI-aaa] domain isp1
[HUAWEI-aaa-domain-isp1] authorization-scheme author1
Parent Topic: AAA Configuration Commands
Copyright © Huawei Technologies Co., Ltd.
Copyright © Huawei Technologies Co., Ltd.
< Previous topic Next topic >