The following example resets only the secadmin role to its original setting.Dell(conf)#no role configure addrole secadmin protocolExample: Reset System-Defined Roles and Roles that Inherit PermissionsIn the following example the command protocol permissions are reset to their original setting or one or more of the system-defined rolesand any roles that inherited permissions from them.Dell(conf)#role configure reset protocolAdding and Deleting Users from a RoleTo create a user name that is authenticated based on a user role, use the username name password encryption-type password rolerole-name command in CONFIGURATION mode.ExampleThe following example creates a user name that is authenticated based on a user role.Dell (conf) #username john password 0 password role secadminThe following example deletes a user role.NOTE: If you already have a user ID that exists with a privilege level, you can add the user role to username that has a privilegeDell (conf) #no username johnThe following example adds a user, to the secadmin user role.Dell (conf)#username john role secadmin password 0 passwordAAA Authentication and Authorization for RolesThis section describes how to configure AAA Authentication and Authorization for Roles.Configuration Task List for AAA Authentication and Authorization for RolesThis section contains the following AAA Authentication and Authorization for Roles configuration tasks:• Configuring AAA Authentication for Roles• Configuring AAA Authorization for Roles• Configuring TACACS+ and RADIUS VSA Attributes for RBACConfigure AAA Authentication for RolesAuthentication services verify the user ID and password combination. Users with defined roles and users with privileges are authenticatedwith the same mechanism. There are six methods available for authentication: radius, tacacs+, local, enable, line, and none.When role-based only AAA authorization is enabled, the enable, line, and none methods are not available. Each of these three methodsallows users to be verified with either a password that is not specific to their user ID or with no password at all. Because of the lack ofsecurity these methods are not available for role only mode. When the system is in role-only mode, users that have only privilege levels aredenied access to the system because they do not have a role. For information about role only mode, see Configuring Role-based Only AAAAuthorization.NOTE: Authentication services only validate the user ID and password combination. To determine which commands are permittedfor users, configure authorization. For information about how to configure authorization for roles, see Configure AAAAuthorization for Roles.Security 787