configure snmpv3 delete access

configure snmpv3 delete access [all-non-defaults | {[[hex hex_group_name] | group_name] {sec-model [snmpv1 | snmpv2c | usm] sec-level [noauth | authnopriv | priv]}}]

Description

Deletes access rights for a group.

Syntax Description

all-non-defaults Specifies that all non-default (non-permanent) security groups are to be deleted.
hex_group_name Specifies the group name to be deleted. The value is to be supplies as a colon separated string of hex octets.
group_name Specifies the group name to be deleted in ASCII format.
sec-model Specifies the security model to use.
snmpv1 Specifies the SNMPv1 security model.
snmpv2c Specifies the SNMPv2c security model.
usm Specifies the SNMPv3 User-based Security Model (USM).
sec-level Specifies the security level for the group.
noauth Specifies no authentication (and implies no privacy) for the security level.
authnopriv Specifies authentication and no privacy for the security level.
priv Specifies authentication and privacy for the security level.

Default

The default values are:
  • sec-model—USM.

  • sec-level—noauth.

Usage Guidelines

Use this command to remove access rights for a group. Use the all-non-defaults keyword to delete all the security groups, except for the default groups. The default groups are: admin, initial, v1v2c_ro, v1v2c_rw.

Deleting an access will not implicitly remove the related group to user association from the VACMSecurityToGroupTable. To remove the association, use the following command:

configure snmpv3 delete group {[[hex hex_group_name] |group_name]} user [all-non-defaults | {[[hexhex_user_name] |user_name] {sec-model [snmpv1|snmpv2c|usm]}}]

Example

The following command deletes all entries with the group name userGroup:

configure snmpv3 delete access userGroup

The following command deletes the group userGroup with the security model snmpv1 and security level of authentication and no privacy (authnopriv):

configure snmpv3 delete access userGroup sec-model snmpv1 sec-level authnopriv

History

This command was first available in ExtremeXOS 10.1.

The hex_group_name parameter was added in ExtremeXOS 11.0.

Platform Availability

This command is available on ExtremeSwitching X435, X440-G2, X450-G2, X460-G2, X465, X590, X620, X670-G2, X690, X695, X870, 5320, 5420, and 5520 series switches.