Check Roles

This scenario shows how to configure and use OSDx user roles.

Test Monitor Role

Description

A new user teldat is created using the predefined monitor role. This kind of role allows the execution of a reduced set of operational commands.

Scenario

Step 1: Set the following configuration in DUT0:

set system login user admin authentication encrypted-password '$6$GSjsCj8gHLv$/VcqU6FLi6CT2Oxn0MJQ2C2tqnRDrYKNF8HIYWJp68nvXvPdFccDsT04.WtigUONbKYrgKg8d6rEs8PjljMkH0'
set system login user teldat authentication encrypted-password '$6$Agj66kxtIVz5x26c$dXG4VUKhjJ7z72Pqkl/R5PzE0HKOCjRlpsg/jKD4UuVedilTkFDbbtNs5BM6mMX7z4TUlzPxjq15MPJYdjoK0/'
set system login user teldat role monitor

Step 2: Run command service cnm restart at DUT0 and expect this output:

Show output

CLI Error: Insufficient privileges

Step 3: Run command show running at DUT0 and expect this output:

Show output

CLI Error: Insufficient privileges

Step 4: Run command show date at DUT0 and expect this output:

Show output

Wed 17 Jul 2024 15:40:08 UTC +00:00

Step 5: Login as admin user on {‘DOC’: ‘SDE’, ‘CAPS’: ‘all -cellular -ceetm’, ‘FWID’: ‘iso’, ‘LICENSE’: ‘VM’, ‘PORT’: ‘4000’, ‘ETH0’: ‘eth0’, ‘ETH1’: ‘eth1’, ‘MAC0’: ‘DE:AD:BE:EF:6C:10’, ‘MAC1’: ‘DE:AD:BE:EF:6C:11’, ‘HDA’: ‘/var/tmp/hd-vm0.img’, ‘CPUS’: ‘4’, ‘MEM’: ‘2049’, ‘MON_PORT’: ‘5000’, ‘MON_ALIAS’: ‘VM0_MON’, ‘ADDR’: ‘localhost’, ‘CMD_TIMEOUT’: ’20s’, ‘REBOOT_TIMEOUT’: ‘300s’, ‘UPDATE_TIMEOUT’: ‘600s’, ‘COMMIT_TIMEOUT’: ’60s’, ‘IMAGE_STORAGE’: ‘True’, ‘ALIAS’: ‘DUT0’, ‘FW_NAME’: ‘os_iso.iso’, ‘ROBOT_IP’: ‘10.215.168.64’, ‘NEEDS_REBOOT’: False, ‘NEEDS_LICENSE’: True}.

Note

Dynamically change the required user-level for some specific operational commands.

Step 6: Modify the following configuration lines in DUT0:

set user-level 0 command 'show running'
set user-level 10 command 'show date'

Step 7: Run command service cnm restart at DUT0 and expect this output:

Show output

CLI Error: Insufficient privileges

Step 8: Run command show running at DUT0 and expect this output:

Show output

# Teldat OSDx VM version v4.1.1.1
# Wed 17 Jul 2024 15:40:12 UTC +00:00
# Warning: Configuration has not been saved
set system login user admin authentication encrypted-password '$6$GSjsCj8gHLv$/VcqU6FLi6CT2Oxn0MJQ2C2tqnRDrYKNF8HIYWJp68nvXvPdFccDsT04.WtigUONbKYrgKg8d6rEs8PjljMkH0'
set system login user teldat authentication encrypted-password '$6$Agj66kxtIVz5x26c$dXG4VUKhjJ7z72Pqkl/R5PzE0HKOCjRlpsg/jKD4UuVedilTkFDbbtNs5BM6mMX7z4TUlzPxjq15MPJYdjoK0/'
set system login user teldat role monitor
set user-level 0 command 'show running'
set user-level 10 command 'show date'

Step 9: Run command show date at DUT0 and expect this output:

Show output

CLI Error: Insufficient privileges

Step 10: Login as admin user on {‘DOC’: ‘SDE’, ‘CAPS’: ‘all -cellular -ceetm’, ‘FWID’: ‘iso’, ‘LICENSE’: ‘VM’, ‘PORT’: ‘4000’, ‘ETH0’: ‘eth0’, ‘ETH1’: ‘eth1’, ‘MAC0’: ‘DE:AD:BE:EF:6C:10’, ‘MAC1’: ‘DE:AD:BE:EF:6C:11’, ‘HDA’: ‘/var/tmp/hd-vm0.img’, ‘CPUS’: ‘4’, ‘MEM’: ‘2049’, ‘MON_PORT’: ‘5000’, ‘MON_ALIAS’: ‘VM0_MON’, ‘ADDR’: ‘localhost’, ‘CMD_TIMEOUT’: ’20s’, ‘REBOOT_TIMEOUT’: ‘300s’, ‘UPDATE_TIMEOUT’: ‘600s’, ‘COMMIT_TIMEOUT’: ’60s’, ‘IMAGE_STORAGE’: ‘True’, ‘ALIAS’: ‘DUT0’, ‘FW_NAME’: ‘os_iso.iso’, ‘ROBOT_IP’: ‘10.215.168.64’, ‘NEEDS_REBOOT’: False, ‘NEEDS_LICENSE’: True}.

---

Test Operator Role

Description

A new user teldat is created using the predefined operator role. This kind of role allows the execution of some operational commands.

Scenario

Step 1: Set the following configuration in DUT0:

set system login user admin authentication encrypted-password '$6$GSjsCj8gHLv$/VcqU6FLi6CT2Oxn0MJQ2C2tqnRDrYKNF8HIYWJp68nvXvPdFccDsT04.WtigUONbKYrgKg8d6rEs8PjljMkH0'
set system login user teldat authentication encrypted-password '$6$c6Prv1Bqt4lPT5LE$IWlQMMpmcPqFg/WstP6YVxjjcpEHUbDcI4i1njsJDtxO7vFDe2EkfIKoi7gpRm5gHCutsTYVpiEVEVTIMGyeA.'
set system login user teldat role operator

Step 2: Run command service cnm restart at DUT0 and expect this output:

Show output

CLI Error: Insufficient privileges

Step 3: Run command show running at DUT0 and expect this output:

Show output

# Teldat OSDx VM version v4.1.1.1
# Wed 17 Jul 2024 15:40:20 UTC +00:00
# Warning: Configuration has not been saved
set system login user admin authentication encrypted-password '$6$GSjsCj8gHLv$/VcqU6FLi6CT2Oxn0MJQ2C2tqnRDrYKNF8HIYWJp68nvXvPdFccDsT04.WtigUONbKYrgKg8d6rEs8PjljMkH0'
set system login user teldat authentication encrypted-password '$6$c6Prv1Bqt4lPT5LE$IWlQMMpmcPqFg/WstP6YVxjjcpEHUbDcI4i1njsJDtxO7vFDe2EkfIKoi7gpRm5gHCutsTYVpiEVEVTIMGyeA.'
set system login user teldat role operator

Step 4: Run command show date at DUT0 and expect this output:

Show output

Wed 17 Jul 2024 15:40:20 UTC +00:00

Step 5: Login as admin user on {‘DOC’: ‘SDE’, ‘CAPS’: ‘all -cellular -ceetm’, ‘FWID’: ‘iso’, ‘LICENSE’: ‘VM’, ‘PORT’: ‘4000’, ‘ETH0’: ‘eth0’, ‘ETH1’: ‘eth1’, ‘MAC0’: ‘DE:AD:BE:EF:6C:10’, ‘MAC1’: ‘DE:AD:BE:EF:6C:11’, ‘HDA’: ‘/var/tmp/hd-vm0.img’, ‘CPUS’: ‘4’, ‘MEM’: ‘2049’, ‘MON_PORT’: ‘5000’, ‘MON_ALIAS’: ‘VM0_MON’, ‘ADDR’: ‘localhost’, ‘CMD_TIMEOUT’: ’20s’, ‘REBOOT_TIMEOUT’: ‘300s’, ‘UPDATE_TIMEOUT’: ‘600s’, ‘COMMIT_TIMEOUT’: ’60s’, ‘IMAGE_STORAGE’: ‘True’, ‘ALIAS’: ‘DUT0’, ‘FW_NAME’: ‘os_iso.iso’, ‘ROBOT_IP’: ‘10.215.168.64’, ‘NEEDS_REBOOT’: False, ‘NEEDS_LICENSE’: True}.

Note

Dynamically change the required user-level for some specific operational commands.

Step 6: Modify the following configuration lines in DUT0:

set user-level 0 command 'show running'
set user-level 10 command 'show date'

Step 7: Run command service cnm restart at DUT0 and expect this output:

Show output

CLI Error: Insufficient privileges

Step 8: Run command show running at DUT0 and expect this output:

Show output

# Teldat OSDx VM version v4.1.1.1
# Wed 17 Jul 2024 15:40:24 UTC +00:00
# Warning: Configuration has not been saved
set system login user admin authentication encrypted-password '$6$GSjsCj8gHLv$/VcqU6FLi6CT2Oxn0MJQ2C2tqnRDrYKNF8HIYWJp68nvXvPdFccDsT04.WtigUONbKYrgKg8d6rEs8PjljMkH0'
set system login user teldat authentication encrypted-password '$6$c6Prv1Bqt4lPT5LE$IWlQMMpmcPqFg/WstP6YVxjjcpEHUbDcI4i1njsJDtxO7vFDe2EkfIKoi7gpRm5gHCutsTYVpiEVEVTIMGyeA.'
set system login user teldat role operator
set user-level 0 command 'show running'
set user-level 10 command 'show date'

Step 9: Run command show date at DUT0 and expect this output:

Show output

CLI Error: Insufficient privileges

Step 10: Login as admin user on {‘DOC’: ‘SDE’, ‘CAPS’: ‘all -cellular -ceetm’, ‘FWID’: ‘iso’, ‘LICENSE’: ‘VM’, ‘PORT’: ‘4000’, ‘ETH0’: ‘eth0’, ‘ETH1’: ‘eth1’, ‘MAC0’: ‘DE:AD:BE:EF:6C:10’, ‘MAC1’: ‘DE:AD:BE:EF:6C:11’, ‘HDA’: ‘/var/tmp/hd-vm0.img’, ‘CPUS’: ‘4’, ‘MEM’: ‘2049’, ‘MON_PORT’: ‘5000’, ‘MON_ALIAS’: ‘VM0_MON’, ‘ADDR’: ‘localhost’, ‘CMD_TIMEOUT’: ’20s’, ‘REBOOT_TIMEOUT’: ‘300s’, ‘UPDATE_TIMEOUT’: ‘600s’, ‘COMMIT_TIMEOUT’: ’60s’, ‘IMAGE_STORAGE’: ‘True’, ‘ALIAS’: ‘DUT0’, ‘FW_NAME’: ‘os_iso.iso’, ‘ROBOT_IP’: ‘10.215.168.64’, ‘NEEDS_REBOOT’: False, ‘NEEDS_LICENSE’: True}.

---

Test Admin Role

Description

A new user teldat is created using the predefined admin role. This kind of role allows the execution of all operational commands and has access to the configuration menu.

Scenario

Step 1: Set the following configuration in DUT0:

set system login user admin authentication encrypted-password '$6$GSjsCj8gHLv$/VcqU6FLi6CT2Oxn0MJQ2C2tqnRDrYKNF8HIYWJp68nvXvPdFccDsT04.WtigUONbKYrgKg8d6rEs8PjljMkH0'
set system login user teldat authentication encrypted-password '$6$FlCAWIs2ZIPw9dj9$A/2ha9O5zoyRwf.6gL4qT8DfVwuii9.PQA5IABaTz7BHXJXzVYFz94uDHafOsYI5twenqOFT4n0FrB/ihwnMi.'
set system login user teldat role admin

Step 2: Run command service cnm restart at DUT0 and expect this output:

Show output

service inactive. doing nothing.

Step 3: Run command show running at DUT0 and expect this output:

Show output

# Teldat OSDx VM version v4.1.1.1
# Wed 17 Jul 2024 15:40:33 UTC +00:00
# Warning: Configuration has not been saved
set system login user admin authentication encrypted-password '$6$GSjsCj8gHLv$/VcqU6FLi6CT2Oxn0MJQ2C2tqnRDrYKNF8HIYWJp68nvXvPdFccDsT04.WtigUONbKYrgKg8d6rEs8PjljMkH0'
set system login user teldat authentication encrypted-password '$6$FlCAWIs2ZIPw9dj9$A/2ha9O5zoyRwf.6gL4qT8DfVwuii9.PQA5IABaTz7BHXJXzVYFz94uDHafOsYI5twenqOFT4n0FrB/ihwnMi.'
set system login user teldat role admin

Step 4: Run command show date at DUT0 and expect this output:

Show output

Wed 17 Jul 2024 15:40:33 UTC +00:00

Step 5: Login as admin user on {‘DOC’: ‘SDE’, ‘CAPS’: ‘all -cellular -ceetm’, ‘FWID’: ‘iso’, ‘LICENSE’: ‘VM’, ‘PORT’: ‘4000’, ‘ETH0’: ‘eth0’, ‘ETH1’: ‘eth1’, ‘MAC0’: ‘DE:AD:BE:EF:6C:10’, ‘MAC1’: ‘DE:AD:BE:EF:6C:11’, ‘HDA’: ‘/var/tmp/hd-vm0.img’, ‘CPUS’: ‘4’, ‘MEM’: ‘2049’, ‘MON_PORT’: ‘5000’, ‘MON_ALIAS’: ‘VM0_MON’, ‘ADDR’: ‘localhost’, ‘CMD_TIMEOUT’: ’20s’, ‘REBOOT_TIMEOUT’: ‘300s’, ‘UPDATE_TIMEOUT’: ‘600s’, ‘COMMIT_TIMEOUT’: ’60s’, ‘IMAGE_STORAGE’: ‘True’, ‘ALIAS’: ‘DUT0’, ‘FW_NAME’: ‘os_iso.iso’, ‘ROBOT_IP’: ‘10.215.168.64’, ‘NEEDS_REBOOT’: False, ‘NEEDS_LICENSE’: True}.

Note

Dynamically change the required user-level for some specific operational commands.

Step 6: Modify the following configuration lines in DUT0:

set user-level 0 command 'show running'
set user-level 10 command 'show date'

Step 7: Run command service cnm restart at DUT0 and expect this output:

Show output

service inactive. doing nothing.

Step 8: Run command show running at DUT0 and expect this output:

Show output

# Teldat OSDx VM version v4.1.1.1
# Wed 17 Jul 2024 15:40:37 UTC +00:00
# Warning: Configuration has not been saved
set system login user admin authentication encrypted-password '$6$GSjsCj8gHLv$/VcqU6FLi6CT2Oxn0MJQ2C2tqnRDrYKNF8HIYWJp68nvXvPdFccDsT04.WtigUONbKYrgKg8d6rEs8PjljMkH0'
set system login user teldat authentication encrypted-password '$6$FlCAWIs2ZIPw9dj9$A/2ha9O5zoyRwf.6gL4qT8DfVwuii9.PQA5IABaTz7BHXJXzVYFz94uDHafOsYI5twenqOFT4n0FrB/ihwnMi.'
set system login user teldat role admin
set user-level 0 command 'show running'
set user-level 10 command 'show date'

Step 9: Run command show date at DUT0 and expect this output:

Show output

Wed 17 Jul 2024 15:40:37 UTC +00:00

Step 10: Login as admin user on {‘DOC’: ‘SDE’, ‘CAPS’: ‘all -cellular -ceetm’, ‘FWID’: ‘iso’, ‘LICENSE’: ‘VM’, ‘PORT’: ‘4000’, ‘ETH0’: ‘eth0’, ‘ETH1’: ‘eth1’, ‘MAC0’: ‘DE:AD:BE:EF:6C:10’, ‘MAC1’: ‘DE:AD:BE:EF:6C:11’, ‘HDA’: ‘/var/tmp/hd-vm0.img’, ‘CPUS’: ‘4’, ‘MEM’: ‘2049’, ‘MON_PORT’: ‘5000’, ‘MON_ALIAS’: ‘VM0_MON’, ‘ADDR’: ‘localhost’, ‘CMD_TIMEOUT’: ’20s’, ‘REBOOT_TIMEOUT’: ‘300s’, ‘UPDATE_TIMEOUT’: ‘600s’, ‘COMMIT_TIMEOUT’: ’60s’, ‘IMAGE_STORAGE’: ‘True’, ‘ALIAS’: ‘DUT0’, ‘FW_NAME’: ‘os_iso.iso’, ‘ROBOT_IP’: ‘10.215.168.64’, ‘NEEDS_REBOOT’: False, ‘NEEDS_LICENSE’: True}.

---

Test Custom Role

Description

A new user teldat is created using a custom role. The user-level can be dynamically changed.

Scenario

Step 1: Set the following configuration in DUT0:

set system login role custom_role level 8
set system login user admin authentication encrypted-password '$6$GSjsCj8gHLv$/VcqU6FLi6CT2Oxn0MJQ2C2tqnRDrYKNF8HIYWJp68nvXvPdFccDsT04.WtigUONbKYrgKg8d6rEs8PjljMkH0'
set system login user teldat authentication encrypted-password '$6$EbDbMaT9TkctBRNh$XmzIHJ66GzDcOK8Fo4zXamNlNVIj8if.ZXaeutKfDsf427lc13me60ldy25e3gsJ4CzMXMSATqSckaVgGv/G5/'
set system login user teldat role custom_role

Step 2: Run command service cnm restart at DUT0 and expect this output:

Show output

CLI Error: Insufficient privileges

Step 3: Run command show running at DUT0 and expect this output:

Show output

# Teldat OSDx VM version v4.1.1.1
# Wed 17 Jul 2024 15:40:45 UTC +00:00
# Warning: Configuration has not been saved
set system login role custom_role level 8
set system login user admin authentication encrypted-password '$6$GSjsCj8gHLv$/VcqU6FLi6CT2Oxn0MJQ2C2tqnRDrYKNF8HIYWJp68nvXvPdFccDsT04.WtigUONbKYrgKg8d6rEs8PjljMkH0'
set system login user teldat authentication encrypted-password '$6$EbDbMaT9TkctBRNh$XmzIHJ66GzDcOK8Fo4zXamNlNVIj8if.ZXaeutKfDsf427lc13me60ldy25e3gsJ4CzMXMSATqSckaVgGv/G5/'
set system login user teldat role custom_role

Step 4: Run command show date at DUT0 and expect this output:

Show output

Wed 17 Jul 2024 15:40:45 UTC +00:00

Step 5: Login as admin user on {‘DOC’: ‘SDE’, ‘CAPS’: ‘all -cellular -ceetm’, ‘FWID’: ‘iso’, ‘LICENSE’: ‘VM’, ‘PORT’: ‘4000’, ‘ETH0’: ‘eth0’, ‘ETH1’: ‘eth1’, ‘MAC0’: ‘DE:AD:BE:EF:6C:10’, ‘MAC1’: ‘DE:AD:BE:EF:6C:11’, ‘HDA’: ‘/var/tmp/hd-vm0.img’, ‘CPUS’: ‘4’, ‘MEM’: ‘2049’, ‘MON_PORT’: ‘5000’, ‘MON_ALIAS’: ‘VM0_MON’, ‘ADDR’: ‘localhost’, ‘CMD_TIMEOUT’: ’20s’, ‘REBOOT_TIMEOUT’: ‘300s’, ‘UPDATE_TIMEOUT’: ‘600s’, ‘COMMIT_TIMEOUT’: ’60s’, ‘IMAGE_STORAGE’: ‘True’, ‘ALIAS’: ‘DUT0’, ‘FW_NAME’: ‘os_iso.iso’, ‘ROBOT_IP’: ‘10.215.168.64’, ‘NEEDS_REBOOT’: False, ‘NEEDS_LICENSE’: True}.

Step 6: Modify the following configuration lines in DUT0:

set system login role custom_role level 14

Step 7: Run command service cnm restart at DUT0 and expect this output:

Show output

service inactive. doing nothing.

Step 8: Run command show running at DUT0 and expect this output:

Show output

# Teldat OSDx VM version v4.1.1.1
# Wed 17 Jul 2024 15:40:49 UTC +00:00
# Warning: Configuration has not been saved
set system login role custom_role level 14
set system login user admin authentication encrypted-password '$6$GSjsCj8gHLv$/VcqU6FLi6CT2Oxn0MJQ2C2tqnRDrYKNF8HIYWJp68nvXvPdFccDsT04.WtigUONbKYrgKg8d6rEs8PjljMkH0'
set system login user teldat authentication encrypted-password '$6$EbDbMaT9TkctBRNh$XmzIHJ66GzDcOK8Fo4zXamNlNVIj8if.ZXaeutKfDsf427lc13me60ldy25e3gsJ4CzMXMSATqSckaVgGv/G5/'
set system login user teldat role custom_role

Step 9: Run command show date at DUT0 and expect this output:

Show output

Wed 17 Jul 2024 15:40:49 UTC +00:00

Step 10: Login as admin user on {‘DOC’: ‘SDE’, ‘CAPS’: ‘all -cellular -ceetm’, ‘FWID’: ‘iso’, ‘LICENSE’: ‘VM’, ‘PORT’: ‘4000’, ‘ETH0’: ‘eth0’, ‘ETH1’: ‘eth1’, ‘MAC0’: ‘DE:AD:BE:EF:6C:10’, ‘MAC1’: ‘DE:AD:BE:EF:6C:11’, ‘HDA’: ‘/var/tmp/hd-vm0.img’, ‘CPUS’: ‘4’, ‘MEM’: ‘2049’, ‘MON_PORT’: ‘5000’, ‘MON_ALIAS’: ‘VM0_MON’, ‘ADDR’: ‘localhost’, ‘CMD_TIMEOUT’: ’20s’, ‘REBOOT_TIMEOUT’: ‘300s’, ‘UPDATE_TIMEOUT’: ‘600s’, ‘COMMIT_TIMEOUT’: ’60s’, ‘IMAGE_STORAGE’: ‘True’, ‘ALIAS’: ‘DUT0’, ‘FW_NAME’: ‘os_iso.iso’, ‘ROBOT_IP’: ‘10.215.168.64’, ‘NEEDS_REBOOT’: False, ‘NEEDS_LICENSE’: True}.

Step 11: Modify the following configuration lines in DUT0:

set system login role custom_role level 3

Step 12: Run command service cnm restart at DUT0 and expect this output:

Show output

CLI Error: Insufficient privileges

Step 13: Run command show running at DUT0 and expect this output:

Show output

CLI Error: Insufficient privileges

Step 14: Run command show date at DUT0 and expect this output:

Show output

Wed 17 Jul 2024 15:40:53 UTC +00:00

Step 15: Login as admin user on {‘DOC’: ‘SDE’, ‘CAPS’: ‘all -cellular -ceetm’, ‘FWID’: ‘iso’, ‘LICENSE’: ‘VM’, ‘PORT’: ‘4000’, ‘ETH0’: ‘eth0’, ‘ETH1’: ‘eth1’, ‘MAC0’: ‘DE:AD:BE:EF:6C:10’, ‘MAC1’: ‘DE:AD:BE:EF:6C:11’, ‘HDA’: ‘/var/tmp/hd-vm0.img’, ‘CPUS’: ‘4’, ‘MEM’: ‘2049’, ‘MON_PORT’: ‘5000’, ‘MON_ALIAS’: ‘VM0_MON’, ‘ADDR’: ‘localhost’, ‘CMD_TIMEOUT’: ’20s’, ‘REBOOT_TIMEOUT’: ‘300s’, ‘UPDATE_TIMEOUT’: ‘600s’, ‘COMMIT_TIMEOUT’: ’60s’, ‘IMAGE_STORAGE’: ‘True’, ‘ALIAS’: ‘DUT0’, ‘FW_NAME’: ‘os_iso.iso’, ‘ROBOT_IP’: ‘10.215.168.64’, ‘NEEDS_REBOOT’: False, ‘NEEDS_LICENSE’: True}.

---