Casio ACS V6000 Appliance-admin group, User group, Shell-login-profile, Managing user groups

Page 47

42ACS v6000 Installation/Administration/User Guide

appliance-admin group

Members of the appliance-admin group have access restricted to tasks for managing only the appliance. Appliance-admin user group members have no access to the serial ports, and share all of the appliance access rights as admin except for Configure User Accounts and Shell Access, which are permanently disabled for this group.

user group

Members of the user group have access to target devices unless they are restricted by an administrator but have no access rights for the virtual console server. Administrators can add appliance access rights and permissions, or can add users to custom user groups to add permissions and access rights as needed. By default, all selections on the Appliance Access Rights screen will be disabled.

NOTE: The Appliance Access Rights screen for the user group can be changed at any time by an administrator. This will change the access rights for all members of the console server’s user group.

shell-login-profile

Members of the shell-login-profile group have access to the shell after logging in. By default, the root user belongs to this group. This is not a protected group and can be deleted.

Managing user groups

Administrators and members of the admin group can create custom user groups that contain any users. Permissions and access for custom user groups will be determined by the top-level user group permissions.

To create a custom user group:

1.Click Users - Authorization - Groups. The Groups screen is displayed and contains a list of the three default user groups and any additional custom user groups that have been created.

2.Click Add in the content area.

3.Enter the name of the new user group you are creating.

4.Click Save.

To add members to a user group:

1.Click Users - Authorization - Groups.

2.Click the user group name.

3.Click Add. The Members Assignment screen is displayed showing a list of available users in the left box and an empty box on the right.

Image 47

Contents ACS Page ACS B L E of C on TE N TS Iii ACS v6000 Installation/Administration/User Guide Access options Features and BenefitsFlexible users and groups Web ManagerIPv4 and IPv6 support Packet filtering AuthenticationSecurity VPN based on IPSec with NAT traversalAuto discovery Data logging, notifications, alarms and data bufferingACS v6000 virtual console server requirements To create the virtual machine using the vSphere clientPage Using Telnet or SSH To use SSH to connect to a device through a serial port To use Telnet to connect to a device through a serial port# telnet hostname IPaddress To close a Telnet sessionTo close an SSH session ACS v6000 Installation/Administration/User Guide To log into the web manager Web Manager Overview for AdministratorsWizard Mode Wizard Screen To configure Ports To configure network parametersTo configure licenses To view and connect to devices using the web manager Expert ModeAccess To configure users and change the default user passwordsSecurity profiles System ToolsSystem Select System Security Security Profile To configure the Security ProfileTo configure DSView 3 software security settings Help and Language Date and TimeUsage VM SettingsInformation VCenter To configure a vCenterTo add an association by Datacenter License To power control targets using the web managerNetwork IPv4 and IPv6 static routes SettingsTo configure a network device DevicesTo add a host Configuring the firewallHosts FirewallTo add a chain Protocol optionsTo edit a rule To change the policy for a default chainIPSecVPN To add a rulePayload or AH Authentication Header Click Network Snmp Snmp ConfigurationTo configure Snmp Select Ports Serial Ports To enable or disable one or more serial portsPorts Serial portsCAS Ctrl-X Parameter Description Auto discovery To copy/clone the configuration of one port to other portsCAS Profile Select Ports CAS Profile Auto Answer To configure the input/output strings used by auto answerSelect Probe Strings or Match Strings Click Ports Pool of CAS Ports To configure a pool of CAS portsPool of CAS ports Pool of CAS Ports Parameters Parameter Description AuthenticationTo configure a Radius authentication server Appliance authenticationAuthentication servers To set authentication for the console serverSelect Authentication Authentication Servers Ldapsad To configure a TACACS+ authentication serverSelect Authentication Authentication Servers TACACS+ To configure an Ldapsad authentication serverUsers Accounts and User Groups To configure a Kerberos authentication serverTo configure an NIS authentication server To configure a DSView authentication serverTo add new users Local accountsUser groups To configure password rulesClick Users Local Accounts Password Rules Admin groupTo view admin Appliance Access Rights Managing user groups Appliance-admin groupShell-login-profile User groupTo remove members from a user group To configure a login profile for a user groupCheck the Enable Log-In Profile box To assign appliance access rights for custom user groups To add access to serial ports for a user groupTo configure a group in a Radius authentication server To configure a group in a TACACS+ authentication serverEvent Destinations Event NotificationsEvent List Select Events and Logs Data Buffering To configure Data BufferingData Buffering Appliance Logging To configure Appliance LoggingActive Sessions MonitoringWeb Manager Overview for Regular Users Change PasswordTo change your own password Select Change PasswordACS v6000 Installation/Administration/User Guide Configuration Appendix a BootP Configuration RetrievalAppendix B Technical Support To resolve an issueFor Technical Support