This website uses cookies. By clicking Accept, you consent to the use of cookies. Click Here to learn more about how we use cookies.
Accept
Reject
Help
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results forĀ 
Search instead forĀ 
Did you mean:Ā 

Extreme Management Center rel 8.4.4.26 user RO

Extreme Management Center rel 8.4.4.26 user RO

EF
Contributor II

ā€Ž06-10-2020 01:04 PM

Hi team,

 

I want to create users for monitoring with only read access to Networks, Alarms & Events section.

And if it possible, only to execute restricted commands, like show commands o create (not delete) vlans (for example).

Once the user is created under OS, I think that I have to create a new Authorization Groups with these rights and  link user to that, but the problem is that a customized group has a lot of  capabilities for select, and I donĀ“t know what is the minimun to achive at least the first requirement.

What are the minimun capabilities to slect in order to have RO user in all section or at lest in Networks  and Alarms & Events?

Is there any way to achieve the second rights?

Thanks in advance!!

EF

0 Kudos
8 REPLIES 8

EF
Contributor II

ā€Ž06-10-2020 03:22 PM

Thanks Ron, I thought the same, the devices SNMP profile is the same.

One more question, I prefer give GUI access than CLI to thise users, or atleast give the two options, but with your rights (as you see in the previous image) only have CLI, Do you know what capability must be enable? Sorry but I canĀ“t find it.

c51bc97e356748b08ff9b21cf3375968_98792c97-dc8f-4b38-86de-8a711cbc1eda.jpg

 

Thanks in advance!!!

0 Kudos

Ronald_Dvorak
Honored Contributor

ā€Ž06-10-2020 03:11 PM

OK now I get what you mean with the terminal accessā€¦.

 

AFAIK the terminal uses the user/pw that is configured in the device SNMP profile > CLI credentials so there is no difference in rw or ro user = I donā€™t see how what you are looking for is possible.

 

-Ron

0 Kudos

EF
Contributor II

ā€Ž06-10-2020 02:15 PM

Thanks Ron, giving only the rights shown in that post, the user only gain Access to Networks and Alarms section in RO, but still is able open CLI session with all rights.

b427b29dc2e146a9b14c6268b73df5f2_325b0fba-278a-4b91-89f1-184a171c8df8.jpg

any way to limit?

 

Regards,

 

EF

 

0 Kudos

Ronald_Dvorak
Honored Contributor

ā€Ž06-10-2020 01:58 PM

Even itā€™s a old post itā€™s still the same principle so here the link for an example...

https://community.extremenetworks.com/extrememanagement-230297/map-only-rights-in-oneview-7652674

 

As youā€™d see most sections have a ā€œread-onlyā€ and a ā€œread/writeā€ access option.

Just select the read-only for whatever section youā€™d like to give access and give it a try.

 

-Ron

0 Kudos
GTM-P2G8KFN