In this section:
The local authentication object allows an administrator to manage
For user authentication and group details, refer to Default Accounts and Passwords.
Creating a user ID named "sonusadmin" via CLI is not allowed. If "sonusadmin" exists when upgrading to this release, it will automatically be removed.
For CLI details regarding changing passwords, see change-password page.
Use this command to create or delete a user group.
You cannot delete a default user group.
% set oam localAuth group <group name> % show oam localAuth group % delete oam localAuth group <group name>
Parameter | Length/Range | Description |
---|---|---|
group | 1-23 characters | <group name> – The name of the user group. The characters #%^&(){}<>,/\;`[]=!$"*?|~ and SPACE are not allowed. |
% set oam localAuth rule-list <rule list name> cmdrule <string: min 1 character> access-operations <(string) | create | delete | exec | read | update> action <deny | permit> command <string> comment <string> context <string> group <group name> rule <string: min 1 character> access-operations <(string) | create | delete | exec | read | update> action <deny | permit> comment <string> context <string> module-name <string> path <string> rpc-name <string>
Parameter | Length/Range | Description |
---|---|---|
rule-list | <rule list name> – The unique rule-list name | |
cmdrule | string: 1 character min. |
|
group | <group name> – The name of the user group to associate with this rule-list. If not selected, the | |
rule |
|
% set oam localAuth user <user name> accountAgingState <disabled | enabled> group <Administrator | Calea | FieldService | Guest | Operator | SecurityAuditor> interactiveAccess <disabled | enabled> m2mAccess <disabled | enabled> passwordAgingState <disabled | enabled> passwordLoginSupport <disabled | enabled> % show oam localAuth user <user name> group <group name> displaylevel <displaylevel> % delete oam localAuth user <user name>
Parameter | Length/Range | Description |
---|---|---|
| N/A | Specifies the name of the group user. |
accountAgingState | N/A | The account aging state for a particular user.
|
| N/A | Use this control to specify user authentication group type:
For guidance with adding users to the SBC, see Default Accounts and Passwords |
interactiveAccess | When enabled, this flag allows the specified user access to interactive interfaces such as CLI and EMA.
| |
m2mAccess | Enable this flag to allow the specified user machine-to-machine access to REST API. For REST API details, see REST API User's Guide.
| |
passwordAgingState | N/A | The password aging state for the specified user.
|
passwordLoginSupport | N/A | Enable flag to allow specified user to login using password.
|
| 1-64 | To display different levels of output information in show commands. |
The following example shows current authorizations for configured users.
% show oam localAuth user admin { group Administrator; passwordAgingState enabled; accountAgingState enabled; passwordLoginSupport enabled; interactiveAccess enabled; m2mAccess disabled; }