Licensing Requirements For User Accounts And Rbac; Guidelines And Limitations For User Accounts And Rbac - Cisco Nexus 9000 Series Configuration Manual
Nx-os security configuration guide, release 9.x
Hide thumbs
Also See for Nexus 9000 Series:
- Configuration manual (276 pages) ,
- Troubleshooting manual (126 pages) ,
- Quick start configuration manual (6 pages)
Table of Contents
Advertisement
Licensing Requirements for User Accounts and RBAC
The command, feature, and feature group parameters create a hierarchical relationship. The most basic control
parameter is the command. The next control parameter is the feature, which represents all commands associated
with the feature. The last control parameter is the feature group. The feature group combines related features
and allows you to easily manage the rules. The Cisco NX-OS software also supports the predefined feature
group L3 that you can use.
You can configure up to 256 rules for each role. The user-specified rule number determines the order in which
the rules are applied. Rules are applied in descending order. For example, if a role has three rules, rule 3 is
applied before rule 2, which is applied before rule 1.
Licensing Requirements for User Accounts and RBAC
The following table shows the licensing requirements for this feature:
Product
Cisco NX-OS
Guidelines and Limitations for User Accounts and RBAC
User accounts and RBAC have the following configuration guidelines and limitations:
• You can add up to 256 rules to a user role.
• You can add up to 64 user-defined feature groups in addition to the default feature group, L3.
• You can configure up to 256 users.
• You can assign a maximum of 64 user roles to a user account.
• If you have a user account configured on the local Cisco NX-OS device that has the same name as a
• You cannot delete the default admin and SNMP user accounts.
• You cannot remove the default user roles from the default admin user accounts.
• The network-operator role cannot run the show running-config and show startup-config commands.
• The Cisco Nexus 9000 Series switches support a single VDC due to which the vdc-admin has the same
Note
If you are familiar with the Cisco IOS CLI, be aware that the Cisco NX-OS commands for this feature might
differ from the Cisco IOS commands that you would use.
Cisco Nexus 9000 Series NX-OS Security Configuration Guide, Release 9.x
158
License Requirement
User accounts and RBAC require no license. Any feature not included in a license package
is bundled with the nx-os image and is provided at no extra charge to you. For an explanation
of the Cisco NX-OS licensing scheme, see the Cisco NX-OS Licensing Guide.
remote user account on an AAA server, the Cisco NX-OS software applies the user roles for the local
user account to the remote user, not the user roles configured on the AAA server.
privileges and limitations as the network-admin.
Configuring User Accounts and RBAC
- Quick Links:
- Radius and Tacacs+ Security Protocols
Hide quick links:
Advertisement
Table of Contents
