Table of Contents
Advertisement
D20MX Processor
Appendix A: Default Role-Based
Access Control Model
Configured roles in the D20MX
D20MX HARDWARE USER'S MANUAL
Default Role-Based Access Control Model
When you configure the D20MX to use RADIUS, the D20MX must be configured with a set
of roles in the B014 RADIUS Roles Table (B014RADR) of the WESMAINT II+ application (Refer
to the B014-1NCG WESMAINT II+ for the D20MX Configuration Guide for more information).
The role is identified by a role ID, which is an integer number provided by the RADIUS
server.
The D20MX Default configurations SAG0001 and SAG0002 include a default role-based
access control model that meets the general rules shown in Table 21: General Access
Control Rules. The specific flags defined in the Application Control field of the RADIUS Roles
table are provided in Table 22 through Table 42.
Table 21: General access control rules
Description
Can Change Passwords
Can Clear the Login Buffer
Can Change SCADA Settings
Can Download Firmware
Can Perform Operational Control (e.g. breaker
operation)
Can View Operational Data
Can Access Low Level "C" Shell
Table 22: Shell access level
Description
Access Level
Administrator
(2)
Yes
No
Yes
Yes
Yes
Yes
Yes
Administrator
(2)
Read/Write
GENERAL
Engineer
Operator
Observer
(1)
(3)
(0)
No
No
No
No
No
No
Yes
No
No
Yes
No
No
Yes
Yes
No
Yes
Yes
Yes
No
No
No
Engineer
Operator
Observer
(1)
(3)
(0)
Maintenance Read Only Read Only
85
- Quick Links:
- D20 Chassis
- Configuring the Software
Hide quick links:
Advertisement
Table of Contents
