Western Telematic RSM-8, RSM-32DC, RSM-16DC manual User Accounts, Supervisor Access, Port Access

Page 31

Configuration

5.5. User Accounts

Prior to accessing command mode or establishing a Telnet Direct Connection, you will be prompted to enter a username (login) and password. The username and password entered at login determine which port(s) you will be allowed to connect and what type of commands you will be allowed to execute. Each username / password combination is defined within a "user account."

The RSM allows up to 128 user accounts; each account includes a username, password, security level, port access rights, and an optional callback number.

5.5.1.Supervisor Access

In order to protect access to important command functions, the RSM allows you to enable or disable Supervisor commands for specific accounts. Accounts that have Supervisor Access enabled, will be allowed access to all configuration menus, review all status screens, and connect to any RSM RS232 port.

When Supervisor Access is disabled, the account will be blocked from changing configuration parameters, access to status screens will be restricted, and the user will only be able to connect to ports specifically allowed by that account.

Note that in the default state, the RSM includes one predefined user account that provides access to Supervisor commands and allows connections with any RSM RS232

port. The default username for this account is "super" (lowercase, no quotation marks), and the password for the account is also "super".

Notes:

In order to ensure security, it is recommended that when initially setting up the unit, you should either change the username and password for the default "super" user account, or preferably, a new user account with Supervisor access should be created, and the "super" account should then be deleted.

If the RSM is reset to default parameters, all user accounts will be cleared, and the default "super" account will be restored.

If Supervisor commands are disabled at a given port, then accounts that permit Supervisor commands will not be able to access command mode via that port.

In most cases, a password with Supervisor Access can be entered at any port, allowing the user to invoke Supervisor level commands. However, if you wish to completely deny a specific port’s access to Supervisor commands (even with a password that normally permits them), the Port Parameters menus can disable Supervisor commands at ports 3 and above, and the Network Port. The Supervisor Mode cannot be disabled at Ports 1 and 2 (the System Setup Ports.) For a summary of commands and status screens available to Supervisors and non-Supervisors, please refer to Section 13.

5.5.2.Port Access

Each account can be granted access to a different selection of ports. Accounts with Supervisor access are always allowed to establish connections with all ports, but accounts without Supervisor Access can be restricted to a specific port or group of ports. Note also, that several accounts can be allowed access to the same port.

5-12

Page 30 Page 32
Image 31
Page 30 Page 32
Contents RSM Series Secure Racking Shock Hazard Do Not Enter Lithium BatteryDisconnect Power Agency Approvals Table of Contents Configuration Table of Contents List of Figures Capture Buffer Security and Collocation FeaturesIntroduction Intelligent Port SelectionBold Font Configuration BackupRSM-8, RSM-16, RSM-16DC, RSM-32 and RSM-32DC Units Typographic ConventionsFront Panel Unit DescriptionInstrument Back Panel Model RSM-8 Back Panel Power On/Off Switch Connect your Control Device to the RSM Quick Hardware InstallationApply Power to the RSM Getting StartedCommunicating with the RSM Port Status Screen Text Interface RSM-8 Shown Getting Started Connecting Power to the RSM Unit Hardware InstallationDC Powered Units Connecting Devices to the RSM Connecting the Network CableCommunicating with the RSM Unit ConfigurationText Interface Configuration Home Screen Web Browser Interface Web Browser InterfaceConfiguration Menus System SetUp PortsSystem Parameters Defining System ParametersConfiguration Real Time Clock and Calendar Invalid Access Lockout Feature Audit Log Callback Security Configuration Port Access Supervisor AccessUser Accounts Viewing User Accounts Managing User AccountsAdd User Menu Text Interface RSM-8 Shown Adding User AccountsConfiguration Deleting User Accounts Modifying User Accounts1. RS232 Port Modes RS232 Port ConfigurationPort Configuration Menu Text Interface Communication Settings 2. RS232 Port Configuration MenusGeneral Parameters AT&C1&D2S0=1&B1&H1&R2 Port Mode ParametersNetwork Services Configuring the Internal Modem Servers and Clients Network ConfigurationConfiguration 11 Network Parameters Menu Web Browser Interface Network Parameters12 Network Port Parameters Menu Web Browser Interface Network Port ParametersConfiguration IP Security IP SecurityConfiguration Configuration Net/Mask Pairs ExceptConfiguration 15 Static Route Menu Text Interface Static Route17 Nomain Name Server Menu Text Interface Domain Name ServerSnmp Parameters 19 Snmp Access Menu Text InterfaceConfiguration Ldap Ldap ParametersConfiguration Ldap Group Group Membership Value Type Default = DN25 Add Ldap Group Menu Text Interface RSM-8 Shown 27 View Ldap Group Menu Text Interface RSM-8 Shown 29 Modify Ldap Group Menu Text Interface RSM-8 Shown 31 Delete Ldap Group Menu Web Browser Interface 32 Ldap Kerberos Set Up Menu Text Interface Configuration 34 The Tacacs Parameters Menu Text Interface Tacacs ParametersConfiguration 36 The Radius Parameters Menu Text Interface Radius ParametersConfiguration 38 The Copy Port Parameters Menu CP 3,5,7-9 Enter Save User Selected ParametersStatus Screens Status Screens Port Status Screen /SPort Diagnostics Screen RSM-8 Shown Port Diagnostics Screen /SDPorttcp Portstatus Username Network Status Screen /SNPort Parameters Screen RS232 Port Shown Port Parameters Screens /WXx Enter Operation Any-to-Any ModePort Connection and Disconnection Operation Operation Enter 4 EnterHunt Group Example Defining Hunt GroupsPassive Mode Reading Data from Buffer Mode Ports Buffer ModePort Buffers Modem Mode Network Port Numbers Telnet & SSH FunctionsSSH Encryption Configuration Direct Connect FeatureStandard Telnet Protocol, SSH and Raw Socket Telnet & SSH Functions RSM-32 & RSM-32DC Standard Telnet Direct Connection without Password RSM-8SSH Direct Connection with Password RSM-8 RSM-16 & RSM-16DCRaw Socket Direct Connection without Password RSM-8 Raw Socket Direct Connection with Password RSM-8Connection Example Terminating a Direct Connect Session Configuration Syslog FeatureCriteria for Generating a Syslog Message Test Menu Text Interface, Supervisor Mode Only Testing Syslog Configuration10-1 Snmp TrapsSnmp Trap Message How and When Snmp Traps are SentSnmp Contact Optional Snmp Location Optional Testing the Snmp Trap Function Sending Parameters to a File Saving and Restoring Configuration ParametersRestoring Saved Parameters 12-1 Upgrading RSM Firmware12-2 Command Conventions Command Reference GuideCommand Summary Resident Disconnect Sequence Command SetAudit Log Format /CP Enter ConnectFormat /C x x Enter CP Copy RS232 Port ParametersErase Buffer Third Party DisconnectFormat /D/Y x x Enter 2 Enter or /D/Y 3 EnterDisplay Site ID Reboot System DefaultSet System Parameters HelpSet Network Port Parameters Send SSH KeySet RS232 Port Parameters Display Port Status PW Change PasswordSD Display Port Diagnostics Read BufferSave Parameters UF Upgrade FirmwareUL Unlock Port Invalid Access Lockout Test Test Network ParametersFormat /X Enter Exit Command ModeDisplay Port Parameters Who Format /W x EnterWhen not connected When connectedAppendix A. RS232 Port Interface Models RSM-32 and RSM-32DC Appendix B. SpecificationsRS232 Port Interface Connectors Physical / Environmental PowerAppendix C. Customer Service Trademarks Used in this Manual Trademark and Copyright InformationTacacs Dhcp IndexIndex-2 Index-3 Index-4
Top Page Image Contents