H3C LS-3100-52P-OVS-H3 Operation Manual - page 1324
1-21
attributes for the local users in the group. Currently, you can configure password control attributes and
authorization attributes for a user group.
By default, every newly added local user belongs to the user group of system and bears all attributes of
the group. User group system is automatically created by the device.
Follow these steps to configure the attributes for a user group:
To do…
Use the command…
Remarks
Enter system view
system-view
—
Create a user group and enter user
group view
user-group group-name
Required
Configure the authorization attributes
for the user group
authorization-attribute { acl
acl-number | callback-number
callback-number | idle-cut minute |
level level | user-profile profile-name |
vlan vlan-id | work-directory
directory-name } *
Optional
By default, no
authorization
attribute is
configured for a
user group.
Tearing down User Connections Forcibly
Follow these steps to tear down user connections forcibly:
To do…
Use the command…
Remarks
Enter system view
system-view
—
Tear down AAA user
connections forcibly
cut connection { all | domain
isp-name| ucibindex
ucib-index | user-name
user-name } [ slot slot-number ]
Required
Applies to only LAN access and
portal user connections at
present
Displaying and Maintaining AAA
To do…
Use the command…
Remarks
Display the configuration
information of a specified ISP
domain or all ISP domains
display domain [ isp-name ]
Available in any view
Display information about
specified or all user connections
display connection [ domain
isp-name | ucibindex ucib-index|
user-name user-name] [ slot
slot-number ]
Available in any view
Display information about
specified or all local users
display local-user [ idle-cut
{ disable | enable } | service-type
{ ftp | lan-access | portal | ssh |
telnet | terminal } | state { active |
block } | user-name user-name |
vlan vlan-id ] [ slot slot-number ]
Available in any view
Display configuration
information about a specified
user group or all user groups
display user-group [ group-name ]
Available in any view