OcNOS-RON : System Management Guide : System Management Configuration Guide : User Configuration
User Configuration
Test
Overview
User management is an authentication feature that provides administrators with the ability to identify and control the users who log into the network.
OcNOS provides 4 different roles for users.
Network Administrator: can make permanent changes to switch configuration. Changes are persistent across reset/reboot of switch.
Network Engineer: can make permanent changes to switch configuration. Changes are persistent across reset/reboot of switch.
Network Operator: can make permanent changes to switch configuration. Changes are not persistent across reset/reboot of switch.
Network User: displays information; cannot modify configuration.
User Configuration
 
#configure terminal
Enter configure mode.
(config)#username user1 password user12345
Create “user1” with password user12345 which will have default role as network-user.
(config)#username user1 role network-operator password user12345
Change the role for user1 to network-operator.
(config)#username user2 role network-operator password user12345
Create “user2” with role as network-operator.
(config)#username user3 role network-admin password user12345
Create “user3” with role as network-admin.
(config)#username user4 role network-engineer password user12345
Create “user4” with role as network-engineer.
(config)#exit
Exit configure mode.
Validation Commands
show user-account, show user-account <username>, show role
#show user-account
User:user1
roles: network-operator
User:user2
roles: network-operator
User:user3
roles: network-admin
User:user4
roles: network-engineer
 
 
 
#show role
Role Name Info
------------------------------------------------------------------------
network-admin Network Administrator - Have all permissions
network-engineer Network Engineer - Can save configuration
network-operator Network Operator - Can not save configuration
network-user Network User - Can not change configuration
rbac-customized-role RBAC User - Can change only permitted configuration
 
 
#show user-account user1
User:user1
roles: network-operator