Table of Contents
Advertisement
84 Managing Users and Groups
9
10
Copyright © 2007-2008 Nortel Networks
.
the certadmin group should know the export passphrase. The
export passphrase can contain spaces and is case sensitive.
>> User cert_admin# ../caphrase
Enter new passphrase:
Re-enter to confirm:
Passphrase changed.
Remove the admin user from the certadmin group.
Again, this step is only necessary if you want to fully separate
the Certificate Administrator user role from the Administrator user
role. Note however, once the admin user is removed from the
certadmin group, only a user who is already a member of the
certadmin group can grant the admin user certadmin group
membership.
When the admin user is removed from the certadmin group,
only the Certificate Administrator user can access the Certificate
menu (/cfg/cert).
>> User# edit admin
>> User admin# groups/list
1: tunnelguard
2: admin
3: oper
4: certadmin
>> Groups# del 4
Note: It is critical that a Certificate Administrator user is
created and assigned certadmin group membership before
the admin user is removed from the certadmin group.
Otherwise there is no way to assign certadmin group
membership to a new user, or to restore certadmin group
membership to the admin user, should it become necessary.
Verify and apply the changes.
>> Groups# list
Old:
1: tunnelguard
2: admin
3: oper
4: certadmin
Pending:
1: tunnelguard
Nortel VPN Gateway
User Guide
NN46120-104 02.01 Standard
14 April 2008
Advertisement
Table of Contents
