rule 3 permit read write oid 1.3.6.1.4
•
If the same OID is specified in multiple rules, the rule with the higher ID takes effect. For example,
the user role can access the MIB node with OID 1.3.6.1.4.1.25506.141.3.0.1 if the user role contains
rules configured by using the following commands:
rule 1 permit read write oid 1.3.6
rule 2 deny read write oid 1.3.6.1.4.1
rule 3 permit read write oid 1.3.6.1.4.1
The system controls access to the type of MIB nodes (read, write, or execute) specified in the
•
effective rules.
Configuration procedure
To configure rules for a user role:
Step
1.
Enter system view.
2.
Enter user role view.
3.
Configure a rule.
Configuring feature groups
Use feature groups to bulk assign command access permissions to sets of features. In addition to the
predefined feature groups, you can create up to 64 custom feature groups and assign a feature to
multiple feature groups.
To configure a feature group:
Step
1.
Enter system view.
Command
system-view
role name role-name
•
Configure a command rule:
rule number { deny | permit }
command command-string
•
Configure a feature rule:
rule number { deny | permit }
{ execute | read | write } * feature
[ feature-name ]
•
Configure a feature group rule:
rule number { deny | permit }
{ execute | read | write } *
feature-group feature-group-name
•
Configure an XML element rule:
rule number { deny | permit }
{ execute | read | write } *
xml-element [ xml-string ]
•
Configure an OID rule:
rule number { deny | permit }
{ execute | read | write } * oid
[ oid-string ]
Command
system-view
52
Remarks
N/A
N/A
By default, a user-defined user role
does not have any rules or access to
any commands, XML elements, or
MIB nodes.
Repeat this step to add up to 256
rules to the user role.
IMPORTANT:
When you configure feature rules,
you can specify only features
available in the system. Enter feature
names the same as the feature names
are displayed, including the case.
Remarks
N/A