CN8600 User Manual
The Permission Attribute Value (for RADIUS and LDAP)
The attribute value for permission is made up of two parts: 1) the IP address of the CN8600 a user will access; and 2) a string that indicates the access rights the user has on the CN8600 at that IP address. For example:
192.168.0.80&c,w,j;192.168.0.188&v,l
The makeup of the permission entry is as follows:
An ampersand (&) connects the CN8600’s IP with the access rights string.
The access rights string is made up of various combinations of the following characters: c w j p l v s. The characters can be entered in upper or lower case. See Permitted String Characters table below.
The characters in the access rights string are separated by a comma (,). There are no spaces before or after the comma.
If a user has access rights to more than one CN8600, each permission segment is separated by a semicolon (;). There are no spaces before or after the semicolon.
Use the following keyword for Radius and LDAP setting: su/[username]
– the username must be a real user account that exists in the system.
LDAP should use
Permission String Characters
Character | Meaning |
|
|
C | Grants the user administrator privileges, allowing the user to configure |
| the system. |
|
|
W | Allows the user to access the system via the Windows Client program. |
|
|
J | Allows the user to access the system via the Java applet. |
|
|
L | Allows the user to access log information via the user's browser. |
|
|
V | Limits the user's access to only viewing the video display. |
|
|
M | Allows the user to use the Virtual Media function – Read / Write |
|
|
40