Configuring Local Radius users (with specific role)

You can configure users to have different roles by creating new users on the 61000/41000 Security System and assigning them the required role.

To create a new user

add user <Name> uid 0 homedir <Path>

Example: add a new user named "local"

add user local uid 0 homedir /home/local

| Parameter | Description |
|-----------|-------------|
| user | Login name of the user. |
| homedir | Full path for the user home directory |

Setting user password

It is recommended to leave the local user’s password blank.

Setting user role

You can choose any preexisting role, or create a new role and give it custom permissions. The procedure for creating a new role is described in the "Adding a new role" section of this document.

To assign a user to a role, run

add rba user <User> roles <Role> 

Example: to assign user "local" to role "radius"

| Parameter | Description |
|-----------|-------------|
| User | The user name to assign a role to. |
| Roles | The role to assign to the user. |

To add a new role

add rba role <Name> domain-type System 
readonly-features <List>
readwrite-features <List>

Example:

add rba role radius domain-type System 
readonly-features Chassis,configuration
readwrite-features aaa-servers

| Parameter | Description |
|-----------|-------------|
| Role | Determines the role’s name. |
| readonly-features | Comma separated list of features to grant read only permissions for. |
| readwrite-features | Comma separated list of features to grant read/write permissions for. |
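
The following Python script is an added example, not part of the Check Point documentation. It reads commands in the syntax shown on this page (assumed to be one command per line) and reports, for each local user, the assigned roles and the resulting read-only and read/write features, so a user created without a role, or assigned a role that is not defined in the input, stands out. The user "helpdesk" and all function names are hypothetical.

```python
import shlex

# Constructed input: the page's example commands, one per line, plus a
# hypothetical user "helpdesk" that was created but never given a role.
SAMPLE = """\
add rba role radius domain-type System readonly-features Chassis,configuration readwrite-features aaa-servers
add user local uid 0 homedir /home/local
add rba user local roles radius
add user helpdesk uid 0 homedir /home/helpdesk
"""

def options(tokens):
    """Pair up 'keyword value keyword value ...' tokens into a dict."""
    return dict(zip(tokens[0::2], tokens[1::2]))

def features(opts, key):
    """Split a comma separated feature list; a missing keyword gives an empty set."""
    return {f for f in opts.get(key, "").split(",") if f}

def parse(text):
    """Collect users, role definitions and user-to-role assignments."""
    users, roles, grants = {}, {}, {}
    for line in text.splitlines():
        t = shlex.split(line)
        if t[:3] == ["add", "rba", "role"] and len(t) > 3:
            opts = options(t[4:])
            roles[t[3]] = {"ro": features(opts, "readonly-features"),
                           "rw": features(opts, "readwrite-features")}
        elif t[:3] == ["add", "rba", "user"] and len(t) > 5 and t[4] == "roles":
            # Assumption: several roles may be given as a comma separated list.
            grants.setdefault(t[3], set()).update(t[5].split(","))
        elif t[:2] == ["add", "user"] and len(t) > 2:
            users[t[2]] = options(t[3:])
    return users, roles, grants

def audit(text):
    """Per user: assigned roles, effective features, roles not defined in the input."""
    users, roles, grants = parse(text)
    report = {}
    for name in users:
        assigned = grants.get(name, set())
        known = [roles[r] for r in assigned if r in roles]
        rw = set().union(*(r["rw"] for r in known))
        ro = set().union(*(r["ro"] for r in known)) - rw
        report[name] = {"roles": assigned, "readwrite": rw, "readonly": ro,
                        "unresolved_roles": assigned - set(roles)}
    return report
```

Call `audit(SAMPLE)` to get the report as a dictionary keyed by user name. A role listed under `unresolved_roles` may be a preexisting role on the system and has to be checked there.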

 
©2014 Check Point Software Technologies Ltd. All rights reserved.