The server no-response authorization command configures the device to perform authorization in the configured authorization sequence after local authentication is used when the server does not respond to users' authentication requests and both server authentication and local authentication are configured.
The undo server no-response authorization command configures the device to request local authorization after local authentication is used when the server does not respond to users' authentication requests and both server authentication and local authentication are configured. By default, when both server authentication and local authentication are configured, the device requests local authorization after local authentication is used when the server does not respond to users' authentication requests.
In most cases, if both remote authentication and local authentication are configured on a device and remote authentication does not respond, the device selects local authentication. After local authentication is performed on a user, the device requests local authorization. After the server no-response authorization command is run, the device still uses the configured authorization mode.
Precautions
RADIUS authentication and authorization are integrated. Therefore, when RADIUS authentication and local authentication are configured, if remote authentication does not respond, remote authorization does not respond, and the device still uses local authorization.
You can run the display access-user user-id command to check the authentication mode and authorization mode after this command is configured.
# When HWTACACS+local authentication and authorization are configured, the device requests authorization in the configured authorization mode instead of requesting local authorization after local authentication is used if the server does not respond.
<HUAWEI> system-view [HUAWEI] aaa [HUAWEI-aaa]authentication-scheme authen1 [HUAWEI-aaa-authen-authen1] authentication-mode hwtacas local [HUAWEI-aaa-authen-authen1] server no-response authorization [HUAWEI-aaa-authen-authen1] quit [HUAWEI-aaa-authen-authen1] authentication-scheme authen2 [HUAWEI-aaa-authen-authen1] authorization-mode hwtacacs local [HUAWEI-aaa-authen-authen1] quit