
The local authentication object allows an administrator to manage user authorizations by assigning a user to one of the predefined groups.

For user authentication and group details, refer to Managing Default Accounts and Passwords.

When a new user is created, the system generates a password for that account. The new user should change the default password after initial login.

Creating a user ID named "sonusadmin" via CLI is not allowed. If "sonusadmin" exists when upgrading to this release, it will automatically be removed.

For CLI details on changing passwords, see the change-password page.

Group

Use this command to create or delete a user group.

You cannot delete a default user group.

 

Command Syntax

% set oam localAuth group <group name>

% show oam localAuth group

% delete oam localAuth group <group name>

Command Parameter

Parameter | Length/Range | Description
group | 1-23 characters | <group name> – The name of the user group. The characters #%^&(){}<>,/\;`[]=!$"*?|~ and SPACE are not allowed.

 

Rule-List

 

Command Syntax

% set oam localAuth rule-list <rule list name>
	cmdrule <string: min 1 character>
		access-operations <(string) | create | delete | exec | read | update>
		action <deny | permit>
		command <string>
		comment <string>
		context <string>
	group <group name>
	rule <string: min 1 character>
		access-operations <(string) | create | delete | exec | read | update>
		action <deny | permit>
		comment <string>
		context <string>
		module-name <string>
		path <string>
		rpc-name <string>

 

Command Parameters

Parameter | Length/Range | Description
rule-list | | <rule list name> – The unique rule-list name.
cmdrule | string: 1 character min. | The command rule object.

  • access-operations <(string) | create | delete | exec | read | update> – The
  • action – Choose to deny or permit the specified command.
    • deny
    • permit
  • command <string> – The command to take action against.
  • comment <string> – Textual description of this command rule.
  • context <string>
group | | <group name> – The name of the user group to associate with this rule-list. If not selected, the
rule | | The rule object.
  • access-operations <(string) | create | delete | exec | read | update>
  • action <deny | permit>
  • comment <string>
  • context <string>
  • module-name <string>
  • path <string>
  • rpc-name <string>

User

Command Syntax

% set oam localAuth user <user name>
	accountAgingState <disabled  |  enabled>
	group <Administrator | Calea | FieldService | Guest | Operator | SecurityAuditor>
	interactiveAccess  <disabled  |  enabled>
	m2mAccess <disabled  |  enabled>
	passwordAgingState <disabled  |  enabled>
	passwordLoginSupport <disabled  |  enabled>

% show oam localAuth
   user <user name>
   group <group name>
   displaylevel <displaylevel>

% delete oam localAuth user <user name>

Command Parameters

Local Authentication Parameters

 

Parameter

Length/Range

Description

user

N/A

Specifies the name of the group user.

accountAgingState

N/A

The account aging state for a particular user.

  • disabled
  • enabled (default)

group

N/A

Use this control to specify user authentication group type:

  • Administrator  
  • Calea
  • FieldService  
  • Guest
  • Operator
  • SecurityAuditor

For guidance on adding users to the SBC, see Managing Default Accounts and Passwords.


interactiveAccess 

When enabled, this flag allows the specified user access to interactive interfaces such as CLI and EMA.

  • disabled  
  • enabled (default)

m2mAccess

Enable this flag to allow the specified user machine-to-machine access to the REST API. For REST API details, see the REST API User's Guide.

  • disabled (Default for all users except Administrator and Calea groups)
  • enabled (Default for Administrator and Calea group users)

passwordAgingState

N/A

The password aging state for the specified user.

  • disabled
  • enabled (default)

passwordLoginSupport

N/A

Enable this flag to allow the specified user to log in using a password.

  • disabled
  • enabled (default)

displaylevel

1-64

Displays different levels of output information in show commands.

User Data

Command Syntax

 

Command Parameters

Command Examples

The following example shows current authorizations for configured users.

% show oam localAuth
user admin {
    group                Administrator;
    passwordAgingState   enabled;
    accountAgingState    enabled;
    passwordLoginSupport enabled;
    interactiveAccess    enabled;
    m2mAccess            disabled;
}