182 Configuring Authentication, Authorization, and Accounting• Login— Login authentication grants access to the switch if the usercredentials are validated. Access is granted only at privilege level one.• Enable—Enable authentication grants access to a higher privilege level ifthe user credentials are validated for the higher privilege level. WhenRADIUS is used for enable authentication, the username for this request isalways $enab15$. The username used to log into the switch is not used forRADIUS enable authentication.• dot1x—Dot1x authentication is used to grant an 802.1X supplicant accessto the network. For more information about 802.1X, see "Configuring Portand System Security " on page 469 .Table 10-2 shows the valid methods for each type of authentication:AuthorizationAuthorization is used to determine which services the user is allowed toaccess. For example, the authorization process may assign a user’s privilegelevel, which determines the set of commands the user can execute. There arethree kinds of authorization: commands, exec, and network.• Commands: Command authorization determines which CLI commandsthe user is authorized to execute.• Exec: Exec authorization determines what the user is authorized to do onthe switch; that is, the user’s privilege level and an administrative profile.Table 10-2. Valid Methods for Authentication TypesMethod Login Enable dot1xenable yes yes noias no no yesline yes yes nolocal yes no nonone yes yes yesradius yes yes yestacacs yes yes no