Versions Compared

Old Version 12

changes.mady.by.user Viktoryia Varapayeva

Saved on

compared with

New Version Current

changes.mady.by.user Uday Dubey

Saved on

Key

  • This line was added.
  • This line was removed.
  • Formatting was changed.

...

  • Create, edit, and delete user accounts. Each user account is assigned one or more Device Groups over which they have some administrative functions.
  • Define two primary types of users: local user and remote user.
    • Local users have their entire login credentials, user Roles, and device group permissions defined locally on the NetMRI appliance.
    • Remote users have Roles assignments and device group permissions defined in Authentication Service Properties, and those assignments and permissions are granted remotely through an external service.

...

titleNote
    • Device groups are a NetMRI organizational unit that gathers devices in related groups—routers in a Routers group, Ethernet switches in a Switches group, and so on. For related information on device groups, see Devices and Interfaces.
  • Create, edit, and delete user Roles. You assign Roles to each individual user account and define the privileges and tasks, and specific networks and network devices on which the NetMRI user can operate. A user account is ineffective without an assigned Role. A user account can use one or more Roles.
  • Each Role is comprised of a set of access Privileges, which are the types of tasks that the user can carry out in their assigned Role.
  • Review the Audit Log. The Audit Log provides records of all actions taken by all NetMRI users, showing the timestamp, event type, and associated descriptive messages.

...

Note
titleNote

Privileges play a key part in Roles configuration. Each of the pre-defined roles uses a specific collection of Privileges, which are pre-defined administrative functions that cannot be edited or changed. You can delete Privileges from a defined Role and create new Roles with custom sets of Privileges. Also, see Privilege Descriptions for details on the Privileges comprising user Roles.

...

  1. Click Add User below the table.
  2. If you want the new account to be disabled by default, select the Account Disabled checkbox.
  3. If you want the user to be authenticated and authorized by the NetMRI appliance for their roles and device group assignments, select the Force Local Authorization checkbox. This enables the user to have a locally defined login that is separate from the remote one on the AAA server. Leaving this checkbox clear enables the user account to be subjected to authorization through a remote AAA server.

  4. On the User Details tab, enter values for the First Name, Last Name, Username, and Password fields. Fill in optional fields as needed.

    Note
    titleNote

    User account names are case-sensitive. You can use some non-alphanumeric characters for naming including bracket characters, such as @!#$%^&*()[]{}. Punctuation characters (,.;'"), the equal sign =, vertical bar |, and spacebar characters are disallowed.

    Note
    titleNote

     
    If you use TACACS+ authentication and authorization with NetMRI, keep in mind that TACACS user names are case-insensitive. Therefore, the case must not be the only difference between NetMRI and TACACS user names.

  5. Click Save. The RolesCLI Credentials, and Database Credentials tabs become available.
  6. Click the Roles tab, and then click Add.
  7. In the Add Role to User dialog, choose a role from the drop-down list.
  8. Under In device groups, click to choose the device group(s) the user is allowed to access.
  9. Click OK. The new role settings are saved for the user account.
  10. On the CLI Credentials tab, define the command-line credentials as described in the procedure below.
  11. On the Database Credentials tab, define the database credentials as described in the procedure below.
  12. In the Add New User dialog, click Close.

...

  1. In the Add New User or Edit User dialog, click the Database Credentials tab. This tab allows giving access to the NetMRI database to a user.
  2. Select the Database Credentials Enabled checkbox. 

  3. Enter the user's Username and Password values, and confirm the password. NetMRI uses these credentials for a new SQL user to access the database.

    Note
    titleNote

    The SQL username should be from 8 to 16 characters long. It should not contain special symbols.

  4. Click Save.

To edit an existing user account, complete the following:

...

  1. Click Add (below the table).
  2. In the Add Role dialog > Users tab, enter a descriptive name in the Name field.
  3. In the Description field, describe the role.

  4. Click Save. This adds the new role to the Roles table. The Users and Privileges tabs appear.

...

titleNote

  1. You can assign one or more user accounts or privileges to the new role. It is not necessary to assign users to the role (this can be done in the user account), but privileges must be assigned for the new pole to be meaningful.

...

  1. In the Users tab, click Add. The Add User for <Username> Role dialog appears, displaying a Users drop-down list and the list of Device Groups in the appliance.

...

  1. In the Add User for <Username> Role dialog > User drop-down list, choose one or more users for the role.

...

  1. In the Device Group table, select the device group checkboxes to be associated with this role.

...

  1. Click OK.

...

  1. As needed, repeat steps 5 through 8 for other accounts.

Note
titleNote

A role containing optional user/device group definitions can be assigned only to users listed in the Role Users tab. To allow a role to be assigned to any user, delete user/device group definitions in this tab.

...