|
| Chapter 3: Operations | 29 | |
|
|
|
| |
| Table 3.4: Access Rights |
|
| |
|
|
|
|
|
| Access Right | Description |
|
|
|
|
|
|
|
| PCON | The Port Configuration access right allows the user to modify port settings. Grant PCON |
|
|
| access only to users who need to issue the Port Set command. |
|
| |
|
|
|
| |
|
|
|
|
|
|
| The Server Configuration access right allows the user to change the CCM configurations, |
|
|
| SCON | including setting the IP address and updating the program load in FLASH. Grant SCON |
|
|
|
| access only to users who need to administer the CCM appliance. |
|
|
|
|
|
|
|
|
| The Server Monitor access right allows the user to view CCM appliance status and |
|
|
| SMON | monitor serial port activity. Grant SMON access only to users who need to assist other |
|
|
|
| users in accessing attached serial devices. |
|
|
|
|
|
|
|
|
| The USER access right allows the user to modify the user database. Grant USER access |
|
|
| USER | only to users who need to add users, change user specifications or delete users. At least |
|
|
|
| one user must have USER access rights; otherwise, the user database cannot be changed. |
|
|
|
|
|
|
|
|
| The BREAK access right allows the user to send a serial break sequence to the attached |
|
|
| BREAK | serial device. On certain devices, this sequence has a special meaning. Grant BREAK |
|
|
|
| access only to users who need to use the Port Break command. |
|
|
The Port access right gives a user access to one or more serial ports and the attached
Pserial devices. You may grant Port access rights to specific ports (Pn), a range of ports
Access levels
When you specify a user’s permissions, you may either indicate the individual rights as listed in Table 3.4 or you may indicate a predefined access level. The APPLIANCEADMIN and ADMIN levels are equivalent to the following individual specifications:
•The APPLIANCEADMIN level is equivalent to PALL, USER, SCON, SMON, PCON and BREAK
•The ADMIN level is equivalent to PALL, USER, SMON, PCON and BREAK
The third level (that is, not APPLIANCEADMIN or ADMIN) is user. For preemption purposes, the following hierarchy is used: APPLIANCEADMIN > ADMIN > user.
Session sharing is affected by access levels; see Session sharing on page 23 for more information.
To manage a user’s access rights/levels:
1.To configure a user’s access rights/level, issue a User Add command, using the Access param- eter to specify the rights or a level.
USER ADD <username> ACCESS=<access>
2.To change a user’s access rights/level, issue a User Set command, using the Access parameter to specify the rights or a level.
USER SET <username> ACCESS=<access>