display authorization-scheme

Function

The display authorization-scheme command displays the configuration of the authorization scheme.

Format

display authorization-scheme [ authorization-scheme-name ]

Parameters

Parameter	Description	Value
authorization-scheme-name	Specifies the name of an authorization scheme.	The value is a string of 1 to 32 case-insensitive characters.

Parameter

Description

Value

authorization-scheme-name

Specifies the name of an authorization scheme.

The value is a string of 1 to 32 case-insensitive characters.

Views

All views

Default Level

1: Monitoring level

Task Name and Operations

Task Name	Operations
aaa-access	read

Usage Guidelines

Usage Scenario

If you use this command in the authorization scheme view or specify a name for the authorization scheme, the detailed configuration of the authorization scheme is displayed; otherwise, only the summary is displayed.

Prerequisites

The configuration of an authorization scheme can be checked only after the scheme is created.

In VS mode, this command is supported only by the admin VS.

Example

The actual command output varies according to the device. The command output here is only an example.

# Displays the configuration of authorization scheme author1.

<HUAWEI> display authorization-scheme author1
---------------------------------------------------------------------------
 Authorization-scheme-name               : author1
 Authorization-method                    : HWTACACS authorization
 Authorization-cmd level 0               : disabled
 Authorization-cmd level 1               : enabled  ( Hwtacacs  )
 Authorization-cmd level 2               : enabled  ( Hwtacacs Local )
 Authorization-cmd level 3               : disabled
 Authorization-cmd level 4               : disabled
 Authorization-cmd level 5               : disabled
 Authorization-cmd level 6               : disabled
 Authorization-cmd level 7               : disabled
 Authorization-cmd level 8               : disabled
 Authorization-cmd level 9               : disabled
 Authorization-cmd level 10              : disabled
 Authorization-cmd level 11              : disabled
 Authorization-cmd level 12              : disabled
 Authorization-cmd level 13              : disabled
 Authorization-cmd level 14              : disabled
 Authorization-cmd level 15              : disabled
 Authorization-cmd no-response-policy    : Online

# Display all the authorization schemes configured in the system.

<HUAWEI> display authorization-scheme
---------------------------------------------------------------------------
  Authorization-scheme-name          Authorization-method
  ---------------------------------------------------------------------------
  default                            Local
  author1                            HWTACACS
  ---------------------------------------------------------------------------
  Total 2,2 printed

**Table 1** Description of the **display authorization-scheme** command output
Item	Description
Authorization-scheme-name	Indicates the name of an authorization scheme.
Authorization-method	Indicates the authorization method. The values are as follows: HWTACACS authorization. If-authenticated authorization. Local authorization. No authorization (authorizes users directly).
Authorization-cmd level	Indicates priority of a user. The value ranges from 0 to 15, matching 16 priorities. disabled: Command authorization is disabled for the user of this level. enabled ( Hwtacacs): Command authorization is enabled for the user of this level. enabled ( Hwtacacs Local): Command authorization is enabled for the user of this level, and local authorization will be used when command line-based authorization fails.
Authorization-cmd no-response-policy	Indicates the policy adopted for users when the authorization fails to respond. The values are as follows: Offline: logs the users out. Online: keeps the user online.