07-01-2014 02:01 PM
Hi all
What is the reason for command aaa authorization exec in IOS XR?
Command reference states that:
exec | Configures authorization for an interactive ( EXEC) session. |
What does it mean "interactive" session and in what situation could it be helpful? If IOS XR doesn't has enable mode...
___
TIA, Alex
07-06-2014 11:21 AM
Hi Alex,
EXEC mode is still EXEC mode as in IOS regardless the fact if it is privileged (enable) or not.
Treat it similar as in IOS.
Regards,
/A
07-07-2014 05:32 AM
Wanted to add one more piece of detail:
the authorization phase of the exec session allows you to pass on, or use the received session parameters such as privilege level, task-group and all that.
Although priv-level in XR doesn't truly exist, in XR priv-lvl is merely a task group with permissions.
More detail on how to set it up can be found here:
https://supportforums.cisco.com/document/61306/asr9000xr-using-task-groups-and-understanding-priv-levels-and-authorization
The context of an "interactive" session is merely just a CLI with the device.
regards
xander
Find answers to your questions by entering keywords or phrases in the Search bar above. New here? Use these resources to familiarize yourself with the community: