No relevant resource is found in the selected language.

This site uses cookies. By continuing to browse the site you are agreeing to our use of cookies. Read our privacy policy>Search

Reminder

To have a better experience, please upgrade your IE browser.

upgrade

S600-E V200R010C00 Configuration Guide - User Access and Authentication

This document describes the working mechanisms, configuration procedures, and configuration examples of User Access and Authentication features, such as AAA, NAC, and Policy Association.
Rate and give feedback:
Huawei uses machine translation combined with human proofreading to translate this document to different languages in order to help you better understand the content of this document. Note: Even the most advanced machine translation cannot match the quality of professional translators. Huawei shall not bear any responsibility for translation accuracy and it is recommended that you refer to the English document (a link for which has been provided).
A User Cannot Enter the System View After Logging In to the Device Through Telnet When Local Authentication Is Used

A User Cannot Enter the System View After Logging In to the Device Through Telnet When Local Authentication Is Used

Context

A user is only authorized to run commands at the same level as or below the user level. For example, a user at level 2 can run only the commands at levels 0, 1, and 2.

Fault Description

A user successfully logs in to the device through Telnet, but cannot run the system-view command to enter the system view or run other commands at the configuration level.

Common Causes

A common cause of the fault is that the user is not authorized to run commands at the configuration level (level 2).

If this is the case, the user level may be lower than level 2. There is a possibility that no user level is specified for the user, so the user level is set to the default level.

NOTE:

By default, the users on the console port are at level 15 and the users on the VTY user interface are at level 0.

Procedure

The following procedures can be used to rectify this fault:

  • If the administrator resets the user level for the user:

    • The administrator can log in to the device from the VTY user interface through Telnet, and then run the local-user user-name privilege level level command to reset the user level.

    • The administrator can log in to the device through the console port, and then run the local-user user-name privilege level level command to reset the user level.
    <HUAWEI> system-view
    [HUAWEI] aaa
    [HUAWEI-aaa] local-user user1 privilege level 15  //Set the user level of user1 to 15.
  • If the user changes the user level online:

    1. The administrator sets the password, which is used to change the user level to 15.

      <HUAWEI> system-view
      [HUAWEI] super password level 15 cipher Huawei@5678
      
    2. The user logs in to the device through Telnet and uses the password to change the user level.

      <HUAWEI> super 15
      Password:  //Enter the password Huawei@5678.
      Now user privilege is 15 level, and only those commands whose level is equal to o
      r less than this level can be used.                                             
      Privilege note: 0-VISIT, 1-MONITOR, 2-SYSTEM, 3-MANAGE   //User level is raised successfully.
Translation
Download
Updated: 2019-08-21

Document ID: EDOC1000141885

Views: 57398

Downloads: 10

Average rating:
This Document Applies to these Products
Related Documents
Related Version
Share
Previous Next