User Cannot Access Certain Features; Verifying Roles Using Device Manager - Cisco 9134 - MDS Multilayer Fabric Switch Troubleshooting Manual

User and Role Issues
S e n d d o c u m e n t a t i o n c o m m e n t s t o m d s f e e d b a c k - d o c @ c i s c o . c o m

User Cannot Access Certain Features

Symptom
Table 18-4 User Cannot Access Certain Features
Symptom Possible Cause
User cannot access User is assigned incorrect role.
certain features.
Role is not configured for appropriate
access.

Verifying Roles Using Device Manager

To verify user role-based access using Device Manager, follow these steps:
Choose Security > Users... to view the roles assigned to the user.
Step 1
Right-click a user and click Delete to delete the user.
Step 2
Click Create to create a user. You see the Create User dialog box.
Step 3
Set the username and password fields.
Step 4
Check the role check boxes for each role that you want to assign to the user and click Create to create
Step 5
the user.
Choose Security > Roles... to view the roles.
Step 6
Right-click a role and select Rules to view or modify the rules assigned to a role.
Step 7
Check the feature check boxes for the features that you want this role to access and click Apply to save
Step 8
these changes.
Cisco MDS 9000 Family Troubleshooting Guide, Release 3.x
18-8
User cannot access certain features.
Chapter 18
Solution
For RADIUS, configure the vendor-specific attributes on
the server for the role using
" ".
roles = " <rolename>
For TACACS+, configure the attribute and value pair on the
server for the role using
roles="vsan-admin
".
storage-admin
See the "Verifying Roles Using Device Manager" section
on page 18-8 or the "Verifying Roles Using the CLI"
section on page 18-9.
See the "Verifying Roles Using Device Manager" section
on page 18-8 or the "Verifying Roles Using the CLI"
section on page 18-9.
Troubleshooting Users and Roles
Cisco-AVPair = "shell:
OL-9285-05