Send documentation comments to mdsfeedback-doc@cisco.com
18-9
Cisco MDS 9000 Family Troubleshooting Guide, Release 3.x
OL-9285-05
Chapter 18 Troubleshooting Users and Roles
User and Role Issues
Verifying Roles Using the CLI
To verify user role-based access using the CLI, follow these steps:
Step 1 Use the show user-account command to view the roles assigned to the user.
switch# show user-account user1
user:user1
this user account has no expiry date
roles:sangroup vsan-admin
no password set. local login not allowed
Remote login through RADIUS is possible
Step 2 Use the username command to modify the roles assigned to a user.
switch# no username user1 role vsan-admin
Step 3 Use the show role command to view the rules assigned to the role.
switch# show role sangroup
Role: sangroup
Description: SAN management group
vsan policy: permit
---------------------------------------------
Rule Type Command-type Feature
---------------------------------------------
1. permit config *
2. deny config fspf
3. permit debug zone
4. permit exec fcping
Step 4 Use the role command to modify the rules assigned to a role.
switch# role name sangroup
switch(config-role)# no rule 4
switch(config-role)# rule 4 deny exec feature fcping
To Next Page
Loading...
Need help?
General