In this section:
The local authentication object allows an administrator to manage SBC Core user authorizations by assigning a user to one of the predefined groups.
For user authentication and group details, refer to Managing SBC Core Users and Accounts.
When a new user is created, the system generates a password for that account. The new user should change the default password after initial login.
Creating a user ID named "sonusadmin" via CLI is not allowed. If "sonusadmin" exists when upgrading to this release, it will automatically be removed.
For CLI details regarding changing passwords, refer to change-password page.
Group
Use this command to create or delete a user group.
You cannot delete a default user group.
Command Syntax
% set oam localAuth group <group name> % show oam localAuth group
Command Parameter
Parameter | Length/Range | Description |
---|---|---|
group | 1-23 characters | <group name> – The name of the user group. The characters #%^&(){}<>,/\;`[]=!$"*?|~ and SPACE are not allowed. |
Rule-List
Command Syntax
% set oam localAuth rule-list <rule list name> cmdrule <string: min 1 character> access-operations <(string) | create | delete | exec | read | update> action <deny | permit> command <string> comment <string> context <string> group <group name> rule <string: min 1 character> access-operations <(string) | create | delete | exec | read | update> action <deny | permit> comment <string> context <string> module-name <string> path <string> rpc-name <string>
Command Parameters
Parameter | Description |
---|---|
rule-list | <rule list name> – The unique rule-list name. |
cmdrule |
|
group | <group name> – The name of the user group to associate with this rule-list. If not selected, this parameter defaults to the group that corresponds to the current level of access of this current session. |
rule | The rule object.
|
User
Command Syntax
% set oam localAuth user <user name> accountAgingState <disabled | enabled> accountRemovalState <disabled | enabled> group <Administrator | Calea | FieldService | Guest | Operator | SecurityAuditor> interactiveAccess <disabled | enabled> m2mAccess <disabled | enabled> passwordAgingState <disabled | enabled> passwordLoginSupport <disabled | enabled> % show oam localAuth displaylevel group rule-list user % delete oam localAuth user <user name>
Command Parameters
Info
Refer to Account Management - CLI for system-level configuration of OS account aging, account aging, account removal, brute-force attack, maximum number of sessions, password aging and session idle timeout.
Command Example
The following example shows current authorizations for configured users.
> show status oam localAuth user userStatus admin { currentStatus Enabled; userId 3000;
Overview
Content Tools