To Next Page

To Previous Page

User role name

Permissions

user account. Level-9 access rights are configurable.

 RBAC non-debugging commands.

 Local users.

 File management.

 Device management.

 The display history-command all command.

• level-15—Has the same rights as network-admin.

security-audit

Security log manager. The user role has the following access to security

log files:

• Accesses

the commands for displaying and maintaining security log

files (for example, the dir, display security-logfile summary, and

more commands).

• Accesses the commands for managing security log files and security

log file system (for example, the info-center security-logfile

directory, mkdir, and security-logfile save commands).

For more information about security log management, see Network

Management and Monitoring Configuration Guide. For more information

about file system management, see "Managing the file system."

IMPORTANT:

Only the security-audit user role has access to security log files.

Assigning user roles

You assign access rights to users by assigning a minimum of one user role. The users can use the

collection of system items and resources accessible to any user role assigned to them. For example,

you can access any interface to use the qos apply policy command if you are assigned the

following user roles:

•

User role A denies access to the qos apply policy command and permits access only to

interface GigabitEthernet 1/0/1.

•

User role B permits access to the qos apply policy command and all interfaces.

Depending on the authentication method, user role assignment has the following methods:

•

AAA authorization—If scheme authentication is used, the AAA module handles user role

assignment.

 If the user passes local authorization, the device assigns the user roles specified in the local

user account.

 If the user passes remote authorization, the remote AAA server assigns the user roles

specified on the server. The AAA server can be a RADIUS or HWTACACS server.

•

Non-AAA authorization—When the user accesses the device without authentication or by

passing password authentication, the device assigns user roles specified on the user line. This

method also applies to SSH clients that use publickey or password-publickey authentication.

User roles assigned to these SSH clients are specified in their respective local device

management user accounts.

For more information about AAA and SSH, see Security Configuration Guide. For more information

about user line, see "Login overview" and "Logging in to the CLI."

Brand	HPE
Model	FlexNetwork 5510 HI Series
Category	Switch
Language	English

HPE FlexNetwork 5510 HI Series Fundamentals Configuration Guide

Table of Contents

Other manuals for HPE FlexNetwork 5510 HI Series

Questions and Answers:

HPE FlexNetwork 5510 HI Series Specifications

Related product manuals