Chapter 1 Authentication and Authorization
To create a command policy by using the NetScaler command line
At the NetScaler command prompt, type the following commands to create a command policy and verify the configuration:
wadd system cmdPolicy <policyname> <action> <cmdspec>
wsh system cmdPolicy
Example
>add system cmdPolicy read_all ALLOW (^show\s+(! system)(!ns ns.conf)(!ns runningConfig).*) (^stat.*)
Done
>sh system cmdPolicy
1)Command policy: operator
2)Command policy:
3)Command policy: network
4)Command policy: superuser
5)Command policy: allow_portaladmin
6)Command policy: read_all
Done
To modify or remove a command policy by using the NetScaler command line
wTo modify a command policy, type the set system cmdPolicy <PolicyName> command and the parameters to be changed, with their new values.
wTo remove a command policy, type rm system cmdPolicy <PolicyName>.
Note: The
Parameters for configuring a command policy
policyname
A name for the command policy you are creating. The name can begin with a letter, number, or the underscore symbol, and can consist of from one to 31 letters, numbers, and the hyphen
action
The action the policy applies when the command specification pattern matches. Possible values: ALLOW, DENY
cmdspec
Rule (expression) that the policy uses for pattern matching.
30