HP 5130 EI series Configuration Manual page 55

Hide thumbs Also See for 5130 EI series:

Installation manual (70 pages)

Configuration manual (64 pages)

Configuration manual (171 pages)

Table Of Contents

100

101

102

103

104

105

106

107

108

109

110

111

112

113

114

115

116

117

118

119

120

121

122

123

124

125

126

127

128

129

130

131

132

133

134

135

136

137

138

139

140

141

142

143

144

145

146

147

148

149

150

151

152

153

154

155

156

157

158

159

160

161

162

163

164

165

166

Table of Contents

XML element rule—Controls access to XML elements used for configuring the device.

•

OID rule—Controls SNMP access to a MIB node and its child nodes. The path from the root node

to that node is uniquely identified by OID.

A user role can access the set of permitted commands, XML elements, and MIB nodes specified in the

user role rules. The user role rules include predefined (identified by sys-n) and user-defined user role rules.

For more information about the user role rule priority, see

Resource access policies

Resource access policies control access of user roles to system resources and include the following types:

Interface policy—Controls access to interfaces.

•

VLAN policy—Controls access to VLANs.

Resource access policies do not control access to the interface or VLAN options in the display commands.

You can specify these options in the display commands if the options are permitted by any user role rule.

Predefined user roles

The system provides predefined user roles. These user roles have access to all system resources (interfaces

and VLANs). However, their access permissions differ, as shown in

Among all of the predefined user roles, only network-admin and level- 1 5 can perform the following tasks:

Access the RBAC feature.

•

Change the settings in user line view, including user-role, authentication-mode, protocol inbound,

•

and set authentication password.

•

Create, modify, and delete local users and local user groups. The other user roles can only modify

their own password if they have permissions to configure local users and local user groups.

Level-0 to level- 1 4 users can modify their own permissions for any commands except for the display

history-command all command.

Table 9 Predefined roles and permissions matrix

User role name

network-admin

network-operator

Permissions

Accesses all features and resources in the system, except for the display

security-logfile summary, info-center security-logfile directory, and

security-logfile save commands.

•

Accesses the display commands for features and resources in the system.

To display all accessible commands of the user role, use the display role

command.

•

Enables local authentication login users to change their own password.

•

Accesses the command used for entering XML view.

•

Accesses all read-type XML elements.

•

Accesses all read-type MIB nodes.

"Configuring user role

Table

rules."

Table of Contents

Show Quick Links

Hide quick links:

Table of Contents

HP 5130 EI series Configuration Manual page 55

Hide quick links:

Troubleshooting

Related Products for HP 5130 EI series

HP 5130 EI series Configuration Manual page 55

Hide quick links:

Troubleshooting

Related Manuals for HP 5130 EI series

Related Products for HP 5130 EI series

Table of Contents