Add_workflow_for_techpubs | ||||||||||||
---|---|---|---|---|---|---|---|---|---|---|---|---|
|
Panel | ||||
---|---|---|---|---|
In this section:
|
The local authentication object allows an administrator to manage
Spacevars | ||
---|---|---|
|
For user authentication and group details, refer to Managing Default Groups and Passwords.
Note |
---|
When a new user is created, the system generates a password for that account. The new user should change the default password after initial login. |
Note |
---|
Creating a user ID named "sonusadmin" via CLI is not allowed. If "sonusadmin" exists when upgrading to this release, it will automatically be removed. |
For CLI details regarding changing passwords, refer to change-password page.
Use this command to create or delete a user group.
Note |
---|
You cannot delete a default user group. |
Code Block | ||
---|---|---|
| ||
% set oam localAuth group <group name>
% show oam localAuth group
% delete oam localAuth group <group name> |
Parameter | Length/Range | Description |
---|---|---|
group | 1-23 characters | <group name> – The name of the user group. The characters #%^&(){}<>,/\;`[]=!$"*?|~ and SPACE are not allowed. |
Code Block |
---|
% set oam localAuth rule-list <rule list name> cmdrule <string: min 1 character> access-operations <(string) | create | delete | exec | read | update> action <deny | permit> command <string> comment <string> context <string> group <group name> rule <string: min 1 character> access-operations <(string) | create | delete | exec | read | update> action <deny | permit> comment <string> context <string> module-name <string> path <string> rpc-name <string> |
Parameter | Description |
---|---|
rule-list | <rule list name> – The unique rule-list name. |
cmdrule |
|
group | <group name> – The name of the user group to associate with this rule-list. If not selected, this parameter defaults to the group that corresponds to the current level of access of this current session. |
rule | The rule object.
|
Multiexcerpt include | ||||
---|---|---|---|---|
|
Code Block | ||
---|---|---|
| ||
% set oam localAuth user <user name> accountAgingState <disabled | enabled> accountRemovalState <disabled | enabled> group <Administrator | Calea | FieldService | Guest | Operator | SecurityAuditor> interactiveAccess <disabled | enabled> m2mAccess <disabled | enabled> passwordAgingState <disabled | enabled> passwordLoginSupport <disabled | enabled> % show oam localAuth user <user name> group <group name> displaylevel <displaylevel> displaylevel group rule-list user % delete oam localAuth user <user name> |
Caption | ||||
---|---|---|---|---|
| ||||
Parameter | Description |
---|---|
| Specifies the name of the group user. |
accountAgingState | The account aging state for a particular user.
|
accountRemovalState | Use this flag to enable/disable the account removal feature for this user.
Refer to Account Management - CLI for system level account management. |
| Use this control to specify user authentication group type:
NOTE: For guidance with adding users to the SBC, refer to Managing Default Groups and Passwords. |
interactiveAccess | When enabled, this flag allows the specified user access to interactive interfaces such as CLI and EMA.
|
m2mAccess | Enable this flag to allow the specified user machine-to-machine access to REST API. For REST API details, refer to REST API User's Guide.
|
passwordAgingState | The password aging state for the specified user.
|
passwordLoginSupport | Enable flag to allow specified user to login using password.
|
| To display different levels of output information in show commands. |
The following example shows current authorizations for configured users.
Code Block | ||
---|---|---|
| ||
%> show status oam localAuth user useruserStatus admin { group AdministratorcurrentStatus Enabled; passwordAgingStateuserId enabled; accountAgingState disabled; passwordLoginSupport enabled; interactiveAccess enabled; m2mAccess enabled; accountRemovalState disabled; } 3000; |