HP 10500 Series Configuration Manual page 26


Write—Commands, XML elements, or MIB nodes that configure the features in the system. For
example, the info-center enable command and the debugging command.
Execute—Commands, XML elements, or MIB nodes that execute specific functions. For example, the
ping command and the ftp command.
A user role can access the set of permitted commands, XML elements, and MIB nodes specified in the
user role rules. The user role rules include predefined (identified by sys-n) and user-defined user role rules.
For more information about the user role rule priority, see "Configuring user role rules."

Resource access policies

Resource access policies control access of user roles to system resources and include the following types:
Interface policy—Controls access to interfaces.
VLAN policy—Controls access to VLANs.
VPN instance policy—Controls access to VPN instances.
Resource access policies do not control access to the interface, VLAN, or VPN instance options in the
display commands. You can specify these options in the display commands if the options are permitted
by any user role rule.

Predefined user roles

By default, the system provides predefined user roles. These user roles have access to all system resources
(interfaces, VLANs, and VPN instances). Table 6 shows the access permissions of these predefined user
roles.

Among all of the predefined user roles, only network-admin, mdc-admin, and level-15 can perform the
following tasks:
Access the RBAC feature.
Change the settings in user line view, including user-role, authentication-mode, protocol inbound,
and set authentication password.
Create, modify, and delete local users and local user groups. The other user roles can only modify
their own passwords if they have permissions to configure local users and local user groups.

All the predefined user roles in Table 6 are available for the default MDC. The network-admin and
network-operator user roles are not available for non-default MDCs. For more information about MDCs,
see Virtual Technologies Configuration Guide.

Level-0 to level-14 users can modify their own permissions for any commands except for the display
history-command all command.

Table 6 Predefined roles and permissions matrix
User role name | Permissions
network-admin | Accesses all features and resources in the system, except for the display security-logfile summary, info-center security-logfile directory, and security-logfile save commands.
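
The following configuration is an added example, not taken from the manual page, showing how user role rules and resource access policies combine into a least-privilege role. It assumes the standard Comware RBAC commands (role name, rule, vlan policy deny, permit vlan, interface policy deny); the role name vlan-ops and the VLAN range 10 to 20 are hypothetical, and the lines starting with # are annotations rather than commands.

```text
# Hypothetical user-defined role (the name vlan-ops is an assumption).
role name vlan-ops
 # Rule 1: permit the read commands (display and similar) of all features.
 rule 1 permit read feature
 # Rule 2: permit entering system view and creating or entering VLAN views.
 rule 2 permit command system-view ; vlan *
 # VLAN policy: deny every VLAN, then permit only the listed range.
 vlan policy deny
  permit vlan 10 to 20
 # Interface policy: deny every interface (no permit line follows).
 interface policy deny

# Expected effect for a user who holds only this role:
#   vlan 15          permitted (rule 2 matches, VLAN 15 is in the policy)
#   vlan 30          denied    (rule 2 matches, VLAN policy blocks VLAN 30)
#   display vlan 30  permitted (rule 1 matches; resource access policies do
#                               not control VLAN options in display commands)
```

When reviewing a role like this, treat the resource access policies as a limit on what the role can configure, not on what it can display: read access is bounded only by the user role rules.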
