cancel
Showing results for 
Search instead for 
Did you mean: 

Is possible to add another user than extreme at EFA?

Is possible to add another user than extreme at EFA?

Alberto_Oter
New Contributor II

I'm trying to find a way to create a new user with specific new role locally at EFA, but I'm expecting to use a command as in SLX CLI where we can specify the username, password and role, is there a way to do like that at EFA?

1 ACCEPTED SOLUTION

Michael_Morey
Extreme Employee

Alberto,

Yes this is possible.  The actual Username and Password should be setup on the linux subsystem first (TPVM, OVA, or StandAlone):

sudo useradd Alberto

sudo passwd

 

Within EFA we first designate that this user is permitted to use CLI:

(efa:extreme)extreme@tpvm1:~$ efa auth client register --name Alberto --type cli

 

Then we map the Role to the user:

(efa:extreme)extreme@tpvm1:~$ efa auth rolemapping add --name Alberto --role SystemAdmin --type user

 

Here is a list of the current roles:

(efa:extreme)extreme@tpvm1:~$ efa rbac role show
+-----------------+--------------------------------------------------------------+
| Name | Description |
+-----------------+--------------------------------------------------------------+
| NetworkOperator | Views Fabric configurations and Inventory related |
|                 | information and also all Ecosystem related information. |
|                 | Cannot make any changes in the system. |
+-----------------+--------------------------------------------------------------+
| SystemAdmin     | Complete privileges to all operations in the system |
+-----------------+--------------------------------------------------------------+
| ServiceAdmin    | Internal role with limited privileges to service operations |
|                 | in the system and cannot be assigned to a user |
+-----------------+--------------------------------------------------------------+
| FabricAdmin     | Registers devices to fabric, Configures fabric parameters, |
|                 | Validate all the devices in the fabric and configure |
|                 | switches for IP Fabric with/without overlay. Also has |
|                 | privileges to create tenants, creates networks inside |
|                 | tenants (VRFs, EPGs, POs etc). Also has privileges to |
|                 | policy, openstack, hyperv, vcenter operations. Performs |
|                 | fabric debug activities. |
+-----------------+--------------------------------------------------------------+
| SecurityAdmin   | Performs user management, PKI and key management operations |
|                 | in the system. |
+-----------------+--------------------------------------------------------------+
| SystemDebugger  | Performs Support Save, System Backup operations. Has |
|                 | privileges to fabric debug operations. Set debug level for |
|                 | services. Has privileges to collect execution logs from the |
|                 | services. |
+-----------------+--------------------------------------------------------------+

 

You should now be able to login with the new user:

extreme@tpvm1:~$ efa login --username Alberto --password password

Login successful.
--- Time Elapsed: 222.627744ms ---
(efa:Alberto)extreme@tpvm1:~$

Michael Morey
Principal Technical Support Engineer
Extreme Networks

View solution in original post

2 REPLIES 2

Michael_Morey
Extreme Employee

Alberto,

Yes this is possible.  The actual Username and Password should be setup on the linux subsystem first (TPVM, OVA, or StandAlone):

sudo useradd Alberto

sudo passwd

 

Within EFA we first designate that this user is permitted to use CLI:

(efa:extreme)extreme@tpvm1:~$ efa auth client register --name Alberto --type cli

 

Then we map the Role to the user:

(efa:extreme)extreme@tpvm1:~$ efa auth rolemapping add --name Alberto --role SystemAdmin --type user

 

Here is a list of the current roles:

(efa:extreme)extreme@tpvm1:~$ efa rbac role show
+-----------------+--------------------------------------------------------------+
| Name | Description |
+-----------------+--------------------------------------------------------------+
| NetworkOperator | Views Fabric configurations and Inventory related |
|                 | information and also all Ecosystem related information. |
|                 | Cannot make any changes in the system. |
+-----------------+--------------------------------------------------------------+
| SystemAdmin     | Complete privileges to all operations in the system |
+-----------------+--------------------------------------------------------------+
| ServiceAdmin    | Internal role with limited privileges to service operations |
|                 | in the system and cannot be assigned to a user |
+-----------------+--------------------------------------------------------------+
| FabricAdmin     | Registers devices to fabric, Configures fabric parameters, |
|                 | Validate all the devices in the fabric and configure |
|                 | switches for IP Fabric with/without overlay. Also has |
|                 | privileges to create tenants, creates networks inside |
|                 | tenants (VRFs, EPGs, POs etc). Also has privileges to |
|                 | policy, openstack, hyperv, vcenter operations. Performs |
|                 | fabric debug activities. |
+-----------------+--------------------------------------------------------------+
| SecurityAdmin   | Performs user management, PKI and key management operations |
|                 | in the system. |
+-----------------+--------------------------------------------------------------+
| SystemDebugger  | Performs Support Save, System Backup operations. Has |
|                 | privileges to fabric debug operations. Set debug level for |
|                 | services. Has privileges to collect execution logs from the |
|                 | services. |
+-----------------+--------------------------------------------------------------+

 

You should now be able to login with the new user:

extreme@tpvm1:~$ efa login --username Alberto --password password

Login successful.
--- Time Elapsed: 222.627744ms ---
(efa:Alberto)extreme@tpvm1:~$

Michael Morey
Principal Technical Support Engineer
Extreme Networks

Thanks a lot Michael, I was not able to find at any place the part of adding as linux user, that was the missing step, now I'm able to login with my new user 🙂 

GTM-P2G8KFN