CHAPTER 21
Configuring User Accounts and RBAC
This chapter contains the following sections:
• Information About User Accounts and RBAC, on page 201
• Guidelines and Limitations for User Accounts, on page 204
• Configuring User Accounts, on page 205
• Configuring RBAC, on page 206
• Verifying the User Accounts and RBAC Configuration, on page 209
• Configuring User Accounts Default Settings for the User Accounts and RBAC, on page 209
Information About User Accounts and RBAC
Cisco Nexus Series switches use role-based access control (RBAC) to define the amount of access that each
user has when the user logs into the switch.
With RBAC, you define one or more user roles and then specify which management operations each user role
is allowed to perform. When you create a user account for the switch, you associate that account with a user
role, which then determines what the individual user is allowed to do on the switch.
User Roles
User roles contain rules that define the operations allowed for the user who is assigned the role. Each user
role can contain multiple rules and each user can have multiple roles. For example, if role1 allows access only
to configuration operations, and role2 allows access only to debug operations, users who belong to both role1
and role2 can access configuration and debug operations. You can also limit access to specific VLANs, and
interfaces.
The switch provides the following default user roles:
network-admin (superuser)
Complete read and write access to the entire switch.
network-operator
Complete read access to the switch. However, the network-operator role cannot run the show
running-config and show startup-config commands.
Cisco Nexus 3548 Switch NX-OS System Management Configuration Guide, Release 7.x
201
To Next Page
Loading...
