local-user level

Format

local-user user-name level level

undo local-user user-name level

Parameters

Parameter	Description	Value
user-name	Specifies the user name.	The value is a string of 1 to 253 case-insensitive characters without spaces. If the value includes @, the characters before @ are the user name and the characters after @ are the domain name. If the value excludes @ or the domain name does not exist, the entire string is the user name and the user belongs to the default domain. A user name cannot contain two or more @s.
level	Specifies the user level.	The value is an integer ranging from 0 to 15. If the command-privilege level rearrange command is not run, the available level ranges from 0 to 3. If the command is run, the available level ranges from 0 to 15. If the command-privilege level rearrange command configuration is changed, the value of level changes based on the level mapping. If the command-privilege level rearrange command configuration is added, the levels of level-0 and level-1 commands remain unchanged, the level of level-2 commands is upgraded to 10, and that of level-3 commands is upgraded to 15. If the command-privilege level rearrange command configuration is deleted, the level of level-0 commands remains unchanged, the levels of level-1 to level-9 commands are downgraded to 1, the levels of level-10 to level-14 commands are downgraded to 2, and the level of level-15 commands is downgraded to 3.

Parameter

Description

Value

user-name

Specifies the user name.

The value is a string of 1 to 253 case-insensitive characters without spaces. If the value includes @, the characters before @ are the user name and the characters after @ are the domain name. If the value excludes @ or the domain name does not exist, the entire string is the user name and the user belongs to the default domain. A user name cannot contain two or more @s.

level

Specifies the user level.

The value is an integer ranging from 0 to 15.

If the command-privilege level rearrange command is not run, the available level ranges from 0 to 3. If the command is run, the available level ranges from 0 to 15.

If the command-privilege level rearrange command configuration is changed, the value of level changes based on the level mapping.

If the command-privilege level rearrange command configuration is added, the levels of level-0 and level-1 commands remain unchanged, the level of level-2 commands is upgraded to 10, and that of level-3 commands is upgraded to 15.
If the command-privilege level rearrange command configuration is deleted, the level of level-0 commands remains unchanged, the levels of level-1 to level-9 commands are downgraded to 1, the levels of level-10 to level-14 commands are downgraded to 2, and the level of level-15 commands is downgraded to 3.

Views

AAA view

Default Level

3: Management level

Task Name and Operations

Task Name	Operations
aaa	write

Usage Guidelines

Usage Scenario

The Router can manage commands based on command levels. All commands are configured with operation levels. A user can use this command only when the user level is equal to or higher than the level of this command.

The configured level of the local user cannot be higher than that of the login-in user.

Precautions

A local user attribute change does not apply to online users. The change takes effect after the online users relog in.

Example

# Set the level of a local user Hello123@huawei.net to 3.

<HUAWEI> system-view
[~HUAWEI] aaa
[~HUAWEI-aaa] local-user Hello123@huawei.net password irreversible-cipher Hello-13579
[~HUAWEI-aaa] local-user Hello123@huawei.net level 3