Procedure
PurposeCommand or Action
Enters global configuration mode.switch# configure terminal
Step 1
Specifies a user role and enters role configuration
mode.
switch(config) # role name role-name
Step 2
Enters role VLAN policy configuration mode.switch(config-role )# vlan policy deny
Step 3
Specifies a range of VLANs that the role can access.switch(config-role-vlan # permit vlan
vlan-list
Step 4
Repeat this command for as many VLANs as needed.
Exits role VLAN policy configuration mode.switch(config-role-vlan) # exit
Step 5
(Optional)
Displays the role configuration.
switch# show role
Step 6
(Optional)
Saves the change persistently through reboots and
restarts by copying the running configuration to the
startup configuration.
switch# copy running-config
startup-config
Step 7
Changing User Role VSAN Policies
You can change a user role VSAN policy to limit the VSANs that the user can access.
Procedure
PurposeCommand or Action
Enters global configuration mode.switch# configure terminal
Step 1
Specifies a user role and enters role configuration
mode.
switch(config-role) # role name
role-name
Step 2
Enters role VSAN policy configuration mode.switch(config-role) # vsan policy deny
Step 3
Specifies a range of VSANs that the role can access.switch(config-role-vsan) # permit vsan
vsan-list
Step 4
Repeat this command for as many VSANs as needed.
Exits role VSAN policy configuration mode.switch(config-role-vsan) # exit
Step 5
(Optional)
Displays the role configuration.
switch# show role
Step 6
Cisco Nexus 5600 Series NX-OS System Management Configuration Guide, Release 7.x
OL-31641-01 81
Configuring User Accounts and RBAC
Changing User Role VSAN Policies
To Next Page
Loading...
