Dell 9.7(0.0) Plumbing Product User Manual


  Open as PDF
of 1039
 
The following example denies the netadmin role from using the show users command and then
verifies that netadmin cannot access the show users command in exec mode. Note that the
netadmin role is not listed in the Role access: secadmin,sysadmin, which means the netadmin
cannot access the show users command.
Dell(conf)#role exec deleterole netadmin show users
Dell#show role mode exec show users
Role access: secadmin,sysadmin
Example: Allow Security Administrator to Configure Spanning Tree
The following example allows the security administrator (secadmin) to configure the spanning tree
protocol. Note command is protocol spanning-tree.
Dell(conf)#role configure addrole secadmin protocol spanning-tree
Example: Allow Security Administrator to Access Interface Mode
The following example allows the security administrator (secadmin) to access Interface mode.
Dell(conf)#role configure addrole secadmin ?
LINE Initial keywords of the command to modify
Dell(conf)#role configure addrole secadmin interface
Example: Allow Security Administrator to Access Only 10-Gigabit Ethernet Interfaces
The following example allows the security administrator (secadmin) to only access 10-Gigabit Ethernett
interfaces and then shows that the secadmin, highlighted in bold, can now access Interface mode.
However, the
secadmin can only access 10-Gigabit Ethernet interfaces.
Dell(conf)#role configure addrole secadmin ?
LINE Initial keywords of the command to modify
Dell(conf)#role configure addrole secadmin interface tengigabitethernet
Dell(conf)#show role mode configure interface
Role access: netadmin,
secadmin, sysadmin
Example: Verify that the Security Administrator Can Access Interface Mode
The following example shows that the secadmin role can now access Interface mode (highlighted in
bold).
Role Inheritance Modes
netoperator
netadmin Exec Config Interface Router IP RouteMap Protocol MAC
secadmin Exec Config
Interface
Line
sysadmin Exec Config Interface Line Router IP RouteMap Protocol
MAC
Example: Remove Security Administrator Access to Line Mode.
782
Security
 previous next