Viewing Logged Administrators
Forcing an Administrator to Log Out
Copyright © 2010, Juniper Networks, Inc.
Firewall Rulebase Configuration (for Junos devices that support central policy
management)—Allows editing of the policy configuration of J Series routers or SRX
Series gateways in the Central Policy Manager of NSM.
Remaining Configuration—Allows editing of all device configurations, except the routing
configuration for ScreenOS/IDP devices and policy configuration for EX Series switches.
To edit the filter configuration:
From the menu bar, click Tools > Manage Administrators and Domains.
1.
In the RBA settings of NSM, select the Roles tab.
2.
In the Roles dialog box, click the Edit icon to edit an existing custom role or click the
3.
Add icon to create a new role. You can also edit the filter configuration while creating
a new role.
In the activities listed, click the Edit Devices, Device Groups, & Templates link. The
4.
Filter Configuration dialog box appears with a list of filters. By default, all filters of
the activity are enabled.
Disable the filters that are not required and click OK.
5.
NSM lets you view information associated with all the administrators currently logged
into the system. This information includes the following columns:
Home Domain—The name of the domain in which the administrator was created.
Admin Name—The name of the administrator who is logged in.
Status—Whether a user has been active in the last 5 minutes). When the administrator's
status becomes inactive, NSM sends an update to the server at 1-minute intervals. This
update automatically refreshes the screen with the new information. When the
administrator become active again, NSM sends another update to the server that the
status has changed.
IP Address—The administrator's IP address.
Locked Object—A detailed list about the objects locked by each administrator listed.
These locked objects include object identifiers, length of time the object is locked, the
lock type, and so on.
Using this information, system administrators can monitor and manage users more
effectively.
Access to this feature is granted only to system administrators and read-only
administrators. You can access this information from the Tools menu by selecting the
Logged In Administrators menu item. By default, this activity is assigned to the predefined
system administrator role.
As of Release 2007.3, the system administrator can forcibly log out an administrator.
Chapter 3: Configuring Role-Based Administration
89