Role-Based Authorization - Cisco AP776A - Nexus Converged Network Switch 5020 Configuration Manual

S e n d d o c u m e n t a t i o n c o m m e n t s t o m d s f e e d b a c k - d o c @ c i s c o . c o m
Configuring Users and Common Roles
The CLI and SNMP use common roles in all switches in the Cisco MDS 9000 Family. You can use the
CLI to modify a role that was created using SNMP and vice versa.
Users, passwords, and roles for all CLI and SNMP users are the same. A user configured through the
CLI can access the switch using SNMP (for example, the Fabric Manager or the Device Manager) and
vice versa.
This chapter includes the following sections:
•
•
•
•
•
•
•

Role-Based Authorization

Switches in the Cisco MDS 9000 Family perform authentication based on roles. Role-based
authorization limits access to switch operations by assigning users to roles. This kind of authentication
restricts you to management operations based on the roles to which you have been added.
When you execute a command, perform command completion, or obtain context sensitive help, the
switch software allows the operation to progress if you have permission to access that command.
This section includes the following topics:
•
•
•
•
OL-18084-01, Cisco MDS NX-OS Release 4.x
Role-Based Authorization, page 32-1
Role Distributions, page 32-4
Configuring Common Roles, page 32-8
Configuring User Accounts, page 32-10
Configuring SSH Services, page 32-14
Recovering the Administrator Password, page 32-19
Default Settings, page 32-21
About Roles, page 32-2
Configuring Roles and Profiles, page 32-2
Configuring Rules and Features for Each Role, page 32-2
Configuring the VSAN Policy, page 32-3
C H A P T E R
Cisco MDS 9000 Family CLI Configuration Guide
32
32-1