< Home

Configuring User Authorization Information to Be Delivered to Authentication Control Devices

This section provides a sample of configuring user authorization information to be delivered to authentication control devices using the merge method.

Table 1 Configuring user authorization information to be delivered to authentication control devices

Operation

XPATH

edit-config:merge

/huawei-aaa:aaa/service-scheme/name

/huawei-aaa:aaa/service-scheme/local-authorize

Data Requirements

Table 2 Configuring user authorization information to be delivered to authentication control devices

Item

Data

Description

authorize-parameters

acl car ucl-group priority vlan

-

none

true

-

Request Example

# Configure user authorization information to be delivered to authentication control devices.

<?xml version="1.0" encoding="UTF-8"?>
<rpc message-id="0" xmlns="urn:ietf:params:xml:ns:netconf:base:1.0">
  <edit-config>
    <target>
      <running/>
    </target>
    <config>
      <hw-aaa:aaa xmlns:hw-aaa="urn:huawei:params:xml:ns:yang:huawei-aaa">
        <hw-aaa:service-scheme>
          <hw-aaa:name>xuandong_001</hw-aaa:name>
          <hw-aaa:vsys>pub</hw-aaa:vsys>
          <hw-aaa:local-authorize>
            <hw-aaa:authorize-parameters>acl car ucl-group priority vlan</hw-aaa:authorize-parameters>
          </hw-aaa:local-authorize>
        </hw-aaa:service-scheme>
      </hw-aaa:aaa>
    </config>
  </edit-config>
</rpc>

# Configure not to deliver user authorization information to authentication control devices.

<rpc message-id="7" xmlns="urn:ietf:params:xml:ns:netconf:base:1.0">
  <edit-config>
    <target>
      <running/>
    </target>
    <config>
      <hw-aaa:aaa xmlns:hw-aaa="urn:huawei:params:xml:ns:yang:huawei-aaa">
        <hw-aaa:service-scheme>
          <hw-aaa:name>xuandong_001</hw-aaa:name>
          <hw-aaa:vsys>pub</hw-aaa:vsys>
          <hw-aaa:local-authorize>
            <hw-aaa:none>true</hw-aaa:none>
          </hw-aaa:local-authorize>
        </hw-aaa:service-scheme>
      </hw-aaa:aaa>
    </config>
  </edit-config>
</rpc>

Response Example

Sample of successful response

<rpc-reply xmlns="urn:ietf:params:xml:ns:netconf:base:1.0" message-id="0">
 <ok/>
</rpc-reply>

Sample of failed response

<rpc-reply xmlns="urn:ietf:params:xml:ns:netconf:base:1.0" message-id="8">
  <rpc-error>
    <error-type>application</error-type>
    <error-tag>operation-failed</error-tag>
    <error-severity>error</error-severity>
    <error-path>/huawei-aaa:aaa/service-scheme[name='xuandong_001'][vsys='pub']/local-authorize/none</error-path>
    <error-message>parse rpc config error.(Invalid value "error" in "none" element.).</error-message>
  </rpc-error>
</rpc-reply>
Parent Topic: Policy Association
Copyright © Huawei Technologies Co., Ltd.
Copyright © Huawei Technologies Co., Ltd.
< Previous topic Next topic >