07-01-2014 02:01 PM
Hi all
What is the reason for command aaa authorization exec in IOS XR?
Command reference states that:
exec | Configures authorization for an interactive ( EXEC) session. |
What does it mean "interactive" session and in what situation could it be helpful? If IOS XR doesn't has enable mode...
___
TIA, Alex
07-06-2014 11:21 AM
Hi Alex,
EXEC mode is still EXEC mode as in IOS regardless the fact if it is privileged (enable) or not.
Treat it similar as in IOS.
Regards,
/A
07-07-2014 05:32 AM
Wanted to add one more piece of detail:
the authorization phase of the exec session allows you to pass on, or use the received session parameters such as privilege level, task-group and all that.
Although priv-level in XR doesn't truly exist, in XR priv-lvl is merely a task group with permissions.
More detail on how to set it up can be found here:
https://supportforums.cisco.com/document/61306/asr9000xr-using-task-groups-and-understanding-priv-levels-and-authorization
The context of an "interactive" session is merely just a CLI with the device.
regards
xander
Discover and save your favorite ideas. Come back to expert answers, step-by-step guides, recent topics, and more.
New here? Get started with these tips. How to use Community New member guide