Login
In this chapter, you can find all the available commands to
customize login-related features, such as users, roles
or the different mechanisms available to log-in, like tacacs
or radius.
Users and roles
OSDx allows the creation of new users with different level of privileges.
These different levels are called roles and there are some predefined
ones that restrict the most common cases:
Role
Level
Actions allowed
monitor
0
Run some basic operational commands (e.g., show tree).
operator
5
Run almost all operational commands.
admin
15
Run all commands and access the configuration menu.
The level attribute sets the privilege level of a role. The higher it is, the
more privileges a role grants. The maximum level is 15 and it is reserved for
the admin role.
The admin user is configured by default in OSDx and assigned to the
admin role. There must always be at least one user configured with the
admin role. Therefore, if the default admin user is deleted, a new
one has to be created and assigned to the admin role. Otherwise, the
commit process will return a validation error.
Warning
Please, remember the importance of choosing strong password,
specially for those users that are assigned to the admin role.
Apart from the afforementioned roles, new ones can be created by issuing
the following command: system login role <txt> level <u32>.
There can only be one role for a given level; therefore, levels 0, 5 and 15 are forbidden.
Users can only be assigned to a single role and whenever that configuration changes, affected sessions are automatically closed to prevent security issues.
Here, you will find more information about user-levels.