Hi there, hello.<\/p>\n

Advertisement

Close

I need to add a new local user (‘support’) to a bunch of HPE/Aruba switches.<\/p>\n

Advertisement

Close

I’ve got this command so far:<\/p>\n

aaa authentication local-user Support group<\/code><\/p>\n

…but at that stage I need to specify the group. How do I list the available groups?<\/p>\n

Documentation I’ve found so far suggests this:<\/p>\n

show user-group<\/code><\/p>\n

…but that just results in<\/p>\n

Invalid input: user-group<\/code><\/p>\n

You might be asking “What sort of local user?”, and that’s a reasonable question!<\/p>\n

Originally I was told that it’s required to use with some software called Nornir<\/strong> to run various show commands in order to query the configs and ARP tables on our switches, so I would have said a ‘read-only’ user will do (is that better known as an “operator”?)<\/p>\n

However, I’ve since been told that Nornir needs to “…enter the enabled mode” in order to be able to run commands such as Display current-configuration<\/code> and Screen-length disable<\/code>(again, is that better known as a ‘manager’ level account?)<\/p>\n

Either way I believe the way to do this is to assign the new local user to the right group, but I’m struggling to find what those groups are!<\/p>\n

In case it helps, here’s the show version<\/code> output from the device I’m trying this out on:<\/p>\n

switch6(config)# show version\n\nImage stamp:    /ws/swbuildm/rel_beluru_qaoff/code/build/lakes(swbuildm_rel_beluru_qaoff_rel_beluru)\n                Jul 11 2024 22:15:38\n                YA.16.11.0020\n                669\nBoot Image:     Primary\n\nBoot ROM Version:    YA.15.20\n<\/code><\/pre>","upvoteCount":4,"answerCount":16,"datePublished":"2025-05-06T12:00:12.347Z","author":{"@type":"Person","name":"Jeff2262","url":"https://community.spiceworks.com/u/Jeff2262"},"suggestedAnswer":[{"@type":"Answer","text":"
Hi there, hello.<\/p>\n
I need to add a new local user (‘support’) to a bunch of HPE/Aruba switches.<\/p>\n
I’ve got this command so far:<\/p>\n
aaa authentication local-user Support group<\/code><\/p>\n
…but at that stage I need to specify the group. How do I list the available groups?<\/p>\n
Documentation I’ve found so far suggests this:<\/p>\n
show user-group<\/code><\/p>\n
…but that just results in<\/p>\n
Invalid input: user-group<\/code><\/p>\n
You might be asking “What sort of local user?”, and that’s a reasonable question!<\/p>\n
Originally I was told that it’s required to use with some software called Nornir<\/strong> to run various show commands in order to query the configs and ARP tables on our switches, so I would have said a ‘read-only’ user will do (is that better known as an “operator”?)<\/p>\n
However, I’ve since been told that Nornir needs to “…enter the enabled mode” in order to be able to run commands such as Display current-configuration<\/code> and Screen-length disable<\/code>(again, is that better known as a ‘manager’ level account?)<\/p>\n
Either way I believe the way to do this is to assign the new local user to the right group, but I’m struggling to find what those groups are!<\/p>\n
In case it helps, here’s the show version<\/code> output from the device I’m trying this out on:<\/p>\n
switch6(config)# show version\n\nImage stamp:    /ws/swbuildm/rel_beluru_qaoff/code/build/lakes(swbuildm_rel_beluru_qaoff_rel_beluru)\n                Jul 11 2024 22:15:38\n                YA.16.11.0020\n                669\nBoot Image:     Primary\n\nBoot ROM Version:    YA.15.20\n<\/code><\/pre>","upvoteCount":4,"datePublished":"2025-05-06T12:00:12.407Z","url":"https://community.spiceworks.com/t/hpe-aruba-2530-switch-local-users-and-groups/1202922/1","author":{"@type":"Person","name":"Jeff2262","url":"https://community.spiceworks.com/u/Jeff2262"}},{"@type":"Answer","text":"
With Aruba switches, you can type ? after a command to see what other options it has.<\/p>\n
So, if you don’t know the command to show what you’re looking for, type “show ?” and hit Enter. The CLI will list all the valid next words/commands.<\/p>\n
So, I started with:
\nshow ?<\/code><\/p>\n
From there, I thought that authentication or authorization would be good next places to check.
\nshow authentication ?<\/code>
\nshow authorization ?<\/code><\/p>\n
The second one shows a group option, so let’s try that:
\nshow authorization group<\/code><\/p>\n
This shows the security groups defined in the switch.<\/p>","upvoteCount":2,"datePublished":"2025-05-06T15:13:43.198Z","url":"https://community.spiceworks.com/t/hpe-aruba-2530-switch-local-users-and-groups/1202922/2","author":{"@type":"Person","name":"phildrew","url":"https://community.spiceworks.com/u/phildrew"}},{"@type":"Answer","text":"