User Configuration

OcNOS-RON : System Management Guide : System Management Configuration Guide : User Configuration

User Configuration

Test

Overview

User management is an authentication feature that provides administrators with the ability to identify and control the users who log into the network.

OcNOS provides 4 different roles for users.

• Network Administrator: can make permanent changes to switch configuration. Changes are persistent across reset/reboot of switch.

• Network Engineer: can make permanent changes to switch configuration. Changes are persistent across reset/reboot of switch.

• Network Operator: can make permanent changes to switch configuration. Changes are not persistent across reset/reboot of switch.

• Network User: displays information; cannot modify configuration.

User Configuration

#configure terminal	Enter configure mode.
(config)#username user1 password user12345	Create “user1” with password user12345 which will have default role as network-user.
(config)#username user1 role network-operator password user12345	Change the role for user1 to network-operator.
(config)#username user2 role network-operator password user12345	Create “user2” with role as network-operator.
(config)#username user3 role network-admin password user12345	Create “user3” with role as network-admin.
(config)#username user4 role network-engineer password user12345	Create “user4” with role as network-engineer.
(config)#exit	Exit configure mode.

Validation Commands

show user-account, show user-account <username>, show role

#show user-account

User:user1

roles: network-operator

User:user2

roles: network-operator

User:user3

roles: network-admin

User:user4

roles: network-engineer

#show role

Role Name Info

------------------------------------------------------------------------

network-admin Network Administrator - Have all permissions

network-engineer Network Engineer - Can save configuration

network-operator Network Operator - Can not save configuration

network-user Network User - Can not change configuration

rbac-customized-role RBAC User - Can change only permitted configuration

#show user-account user1

User:user1

roles: network-operator