...
Click New User on the User and Session Management panel.
Caption | ||||
---|---|---|---|---|
| ||||
The Create User window appears:
Caption | ||||
---|---|---|---|---|
| ||||
User
: Enter the name of user to be created. A valid user name:can contain only . @ _ - + : special characters
Note |
---|
The characters #%^&(){}<>,/\;`[]=!$'*?|~ are not allowed. |
Role
: Specify the type of Role to be assigned to this user. The options are:
Caption | ||||
---|---|---|---|---|
| ||||
Administrator
: Read-write access to all commands and data spaces, except the Field Service shell.
Calea
: Read-write access to Lawful Intercept tables, and Read access to other tables. Only Admin user can add/remove user from this group. Only one user named “calea” is allowed in this group, and “calea” user cannot be part of any other group.FieldService
: Read-write access to all commands and data spaces. Also, they have access to the Field Service shell containing system debug commands including the ability to access the Linux shell login prompt. Field service does not have access to Security, Event logs and Management Audit Logs and cannot execute any commands stopping or starting these audit log services.Guest
: Read-only access to all commands and data spaces, except commands that deal with user accounts, logging and audit controls, TOD clock and sensitive administrative items. They do not have access to the Field Service shell, Security Event logs, and Management Audit Logs.Operator
: Read-write access to all commands and data spaces, except commands that deal with user accounts, logging and audit controls, TOD clock, and sensitive administrative items. They do not have access to the Field Service shell, Security Event logs, and Management Audit Logs and cannot execute any commands stopping or starting these audit log services.SecurityAuditor
: Access only to the security logs that are generated in SBC. SBC allows the creation of user of type Security Auditor
via CLI and EMA. The SecurityAuditor
will have a read-only access to view the security and management audit logs.Enter the following options:
Allow Interactive Access (CLI and EMA)
: Enable this flag to allow the user to access interactive interfaces such as CLI/EMA.Allow Machine to Machine Access (REST)
: Enable this flag to allow the specified user machine-to-machine access to REST API.Account Expiration Enabled
: If checked, the current user account expires as per the account expiration parameters set in the Application Management window. As per the parameter rules set in the Application Management window, an account can expire in either of the following conditions:Password Expiration Enabled
: If checked, the current account will have the password expiry duration after which the user has to create a new password to login. The duration is set in the Application Management window. For more information, refer to Users and Application Management - Application Management.Account Enabled
: If checked, the account will be enabled immediately.Access Type
: Specifies the type of access that should be given to this user. The options are:Public Key Only (CAC Card)
: The user can login only with U.S. Department of Defense's Common Access Card (CAC) for authentication.Password and Public Key
: The user can login with the provided password along with the U.S. Department of Defense's Common Access Card (CAC) for authentication.
...