Configuring Secure Domain Routers on Cisco IOS XR Software

Information About Configuring Secure Domain Routers

Ability to assign nodes (RPs, DRPs, and LCs) to SDRs.

Ability to create other users with similar or lower privileges.

Complete authority over the chassis.

Ability to log in to non-owner SDRs using admin plane authentication. Admin plane authentication allows the root-system user to log in to a non-owner SDR regardless of the configuration set by the root-lr user. See the “Configuring a Username and Password for a Non-Owner SDR” section on page SMC-157

Ability to install and activate software packages for all SDRs or for a specific SDR.

Ability to view the following admin plane events (owner SDR logging system only):

Software installation operations and events.

System card boot operations, such as card booting notifications and errors, heartbeat-missed notifications, and card reloads.

Card alphanumeric display changes.

Environment monitoring events and alarms.

Fabric control events.

Upgrade progress information.

root-lr Users

Note SDRs were previously known as Logical Routers (LRs). The name was changed for Release 3.3.0.

Users with root-lr privileges can log in to the non-owner SDR only and perform configuration tasks that are specific to that SDR. The root-lr group has the following privileges:

Ability to configure interfaces and protocols.

Ability to create other users with similar or lower privileges on the non-owner SDR.

Ability to view the resources assigned to their particular SDR.

The following restrictions apply to root-lr users:

root-lr users cannot enter Administration EXEC or configuration modes.

root-lr users cannot create or remove SDRs.

root-lr users cannot add or remove nodes from an SDR.

root-lr users cannot create root-system users.

The highest privilege a non-owner SDR user can have is root-lr.

Other SDR Users

Additional usernames and passwords can be created by the root-system or root-lr users to provide more restricted access to the configuration and management capabilities of the owner SDR or non-owner SDRs.

Cisco IOS XR System Management Configuration Guide

SMC-131

Page 4 Page 6
Page 5
Image 5
Cisco Systems SMC-127 manual Root-lr Users, Other SDR Users, SMC-131
Page 4 Page 6
Top Page Image Contents