Configuring Common Roles - Cisco MDS 9000 Series Configuration Manual
Security
Hide thumbs
Also See for MDS 9000 Series:
- Command reference manual (1464 pages) ,
- Configuration manual (344 pages) ,
- Troubleshooting manual (161 pages)
Table of Contents
Advertisement
Configuring Common Roles
Configuring Common Roles
The CLI and SNMP in all switches in the Cisco MDS 9000 Family use common roles. You can use SNMP
to modify a role that was created using the CLI and vice versa (see
Figure 1: Common Roles
A custom role user with Network-Admin privileges is restricted to modify the account of other users. However,
only the Admin can modify all user accounts.
You can modify the user privileges by performing the following task.
1. Modify role using console authentication.
If you setup the console authentication as 'local', logon using the Local-Admin user and modify the user.
2. Modify role using remote authentication.
Turn off the remote authentication. Logon using the Local -Admin privileges and modify the user. Turn
on the remote authentication.
3. Modify role using LDAP/AAA.
Create a group in LDAP/AAA and rename the group as Network-Admin. Add the required users to this
group. The users of this group will now have complete Network-Admin privileges.
Each role in SNMP is the same as a role created or modified through the CLI (see the
on page
Each role can be restricted to one or more VSANs as required.
Cisco MDS 9000 Series Security Configuration Guide, Release 8.x
22
+
Rule
Type
Command-type
+
---------------------------------------------
+
1.
permit
config
11).
Feature
fspf
Figure 1: Common Roles, on page
Common Roles
22).
Role-Based Authorization,
Advertisement
Chapters
Table of Contents
