Check Roles

This scenario shows how to configure and use OSDx user roles.

Test Monitor Role

Description

A new user teldat is created using the predefined monitor role. This kind of role allows the execution of a reduced set of operational commands.

Scenario

Step 1: Set the following configuration in DUT0:

set system login user admin authentication encrypted-password '$6$GSjsCj8gHLv$/VcqU6FLi6CT2Oxn0MJQ2C2tqnRDrYKNF8HIYWJp68nvXvPdFccDsT04.WtigUONbKYrgKg8d6rEs8PjljMkH0'
set system login user teldat authentication encrypted-password '$6$Lbini/thHgDiXChY$c6mAdOwbKK484ykXQNSzEcBFPTKyNwlc6J9OLNa3q7m55z8kD2hNUVUHQw/XHhVvh1HQy796uWJCO59l.Grtr.'
set system login user teldat role monitor

Step 2: Run command service cnm restart at DUT0 and expect this output:

Show output

CLI Error: Insufficient privileges

Step 3: Run command show running at DUT0 and expect this output:

Show output

CLI Error: Insufficient privileges

Step 4: Run command show date at DUT0 and expect this output:

Show output

Mon 07 Oct 2024 10:57:19 +00:00

Step 5: Login as admin user on DUT0.

Note

Dynamically change the required user-level for some specific operational commands.

Step 6: Modify the following configuration lines in DUT0:

set user-level 0 command 'show running'
set user-level 10 command 'show date'

Step 7: Run command service cnm restart at DUT0 and expect this output:

Show output

CLI Error: Insufficient privileges

Step 8: Run command show running at DUT0 and expect this output:

Show output

# Teldat OSDx VM version v4.2.1.0
# Mon 07 Oct 2024 10:57:23 +00:00
# Warning: Configuration has not been saved
set system login user admin authentication encrypted-password '$6$GSjsCj8gHLv$/VcqU6FLi6CT2Oxn0MJQ2C2tqnRDrYKNF8HIYWJp68nvXvPdFccDsT04.WtigUONbKYrgKg8d6rEs8PjljMkH0'
set system login user teldat authentication encrypted-password '$6$Lbini/thHgDiXChY$c6mAdOwbKK484ykXQNSzEcBFPTKyNwlc6J9OLNa3q7m55z8kD2hNUVUHQw/XHhVvh1HQy796uWJCO59l.Grtr.'
set system login user teldat role monitor
set user-level 0 command 'show running'
set user-level 10 command 'show date'

Step 9: Run command show date at DUT0 and expect this output:

Show output

CLI Error: Insufficient privileges

Step 10: Login as admin user on DUT0.

---

Test Operator Role

Description

A new user teldat is created using the predefined operator role. This kind of role allows the execution of some operational commands.

Scenario

Step 1: Set the following configuration in DUT0:

set system login user admin authentication encrypted-password '$6$GSjsCj8gHLv$/VcqU6FLi6CT2Oxn0MJQ2C2tqnRDrYKNF8HIYWJp68nvXvPdFccDsT04.WtigUONbKYrgKg8d6rEs8PjljMkH0'
set system login user teldat authentication encrypted-password '$6$k/tGoEp9gc6KqsFv$AqZJxZ83n7mxWnUSTyFVC.ZIMnqhV.DMXjlfAQw5gG8TqV2ut0xtpVzgsicZ9LZwYUITHRXw/TcOZd7vfAORD.'
set system login user teldat role operator

Step 2: Run command service cnm restart at DUT0 and expect this output:

Show output

CLI Error: Insufficient privileges

Step 3: Run command show running at DUT0 and expect this output:

Show output

# Teldat OSDx VM version v4.2.1.0
# Mon 07 Oct 2024 10:57:32 +00:00
# Warning: Configuration has not been saved
set system login user admin authentication encrypted-password '$6$GSjsCj8gHLv$/VcqU6FLi6CT2Oxn0MJQ2C2tqnRDrYKNF8HIYWJp68nvXvPdFccDsT04.WtigUONbKYrgKg8d6rEs8PjljMkH0'
set system login user teldat authentication encrypted-password '$6$k/tGoEp9gc6KqsFv$AqZJxZ83n7mxWnUSTyFVC.ZIMnqhV.DMXjlfAQw5gG8TqV2ut0xtpVzgsicZ9LZwYUITHRXw/TcOZd7vfAORD.'
set system login user teldat role operator

Step 4: Run command show date at DUT0 and expect this output:

Show output

Mon 07 Oct 2024 10:57:32 +00:00

Step 5: Login as admin user on DUT0.

Note

Dynamically change the required user-level for some specific operational commands.

Step 6: Modify the following configuration lines in DUT0:

set user-level 0 command 'show running'
set user-level 10 command 'show date'

Step 7: Run command service cnm restart at DUT0 and expect this output:

Show output

CLI Error: Insufficient privileges

Step 8: Run command show running at DUT0 and expect this output:

Show output

# Teldat OSDx VM version v4.2.1.0
# Mon 07 Oct 2024 10:57:36 +00:00
# Warning: Configuration has not been saved
set system login user admin authentication encrypted-password '$6$GSjsCj8gHLv$/VcqU6FLi6CT2Oxn0MJQ2C2tqnRDrYKNF8HIYWJp68nvXvPdFccDsT04.WtigUONbKYrgKg8d6rEs8PjljMkH0'
set system login user teldat authentication encrypted-password '$6$k/tGoEp9gc6KqsFv$AqZJxZ83n7mxWnUSTyFVC.ZIMnqhV.DMXjlfAQw5gG8TqV2ut0xtpVzgsicZ9LZwYUITHRXw/TcOZd7vfAORD.'
set system login user teldat role operator
set user-level 0 command 'show running'
set user-level 10 command 'show date'

Step 9: Run command show date at DUT0 and expect this output:

Show output

CLI Error: Insufficient privileges

Step 10: Login as admin user on DUT0.

---

Test Admin Role

Description

A new user teldat is created using the predefined admin role. This kind of role allows the execution of all operational commands and has access to the configuration menu.

Scenario

Step 1: Set the following configuration in DUT0:

set system login user admin authentication encrypted-password '$6$GSjsCj8gHLv$/VcqU6FLi6CT2Oxn0MJQ2C2tqnRDrYKNF8HIYWJp68nvXvPdFccDsT04.WtigUONbKYrgKg8d6rEs8PjljMkH0'
set system login user teldat authentication encrypted-password '$6$qBTcabrdRJb59.Pa$cwqzV6YhZv5LrjgSgYX8V7OEV.ILl7fXVENdT8qGYAJZaSwWb2SOeY1OZN6vXbw7RglXsxvQmzklUQqRKgezS1'
set system login user teldat role admin

Step 2: Run command service cnm restart at DUT0 and expect this output:

Show output

service inactive. doing nothing.

Step 3: Run command show running at DUT0 and expect this output:

Show output

# Teldat OSDx VM version v4.2.1.0
# Mon 07 Oct 2024 10:57:45 +00:00
# Warning: Configuration has not been saved
set system login user admin authentication encrypted-password '$6$GSjsCj8gHLv$/VcqU6FLi6CT2Oxn0MJQ2C2tqnRDrYKNF8HIYWJp68nvXvPdFccDsT04.WtigUONbKYrgKg8d6rEs8PjljMkH0'
set system login user teldat authentication encrypted-password '$6$qBTcabrdRJb59.Pa$cwqzV6YhZv5LrjgSgYX8V7OEV.ILl7fXVENdT8qGYAJZaSwWb2SOeY1OZN6vXbw7RglXsxvQmzklUQqRKgezS1'
set system login user teldat role admin

Step 4: Run command show date at DUT0 and expect this output:

Show output

Mon 07 Oct 2024 10:57:45 +00:00

Step 5: Login as admin user on DUT0.

Note

Dynamically change the required user-level for some specific operational commands.

Step 6: Modify the following configuration lines in DUT0:

set user-level 0 command 'show running'
set user-level 10 command 'show date'

Step 7: Run command service cnm restart at DUT0 and expect this output:

Show output

service inactive. doing nothing.

Step 8: Run command show running at DUT0 and expect this output:

Show output

# Teldat OSDx VM version v4.2.1.0
# Mon 07 Oct 2024 10:57:49 +00:00
# Warning: Configuration has not been saved
set system login user admin authentication encrypted-password '$6$GSjsCj8gHLv$/VcqU6FLi6CT2Oxn0MJQ2C2tqnRDrYKNF8HIYWJp68nvXvPdFccDsT04.WtigUONbKYrgKg8d6rEs8PjljMkH0'
set system login user teldat authentication encrypted-password '$6$qBTcabrdRJb59.Pa$cwqzV6YhZv5LrjgSgYX8V7OEV.ILl7fXVENdT8qGYAJZaSwWb2SOeY1OZN6vXbw7RglXsxvQmzklUQqRKgezS1'
set system login user teldat role admin
set user-level 0 command 'show running'
set user-level 10 command 'show date'

Step 9: Run command show date at DUT0 and expect this output:

Show output

Mon 07 Oct 2024 10:57:49 +00:00

Step 10: Login as admin user on DUT0.

---

Test Custom Role

Description

A new user teldat is created using a custom role. The user-level can be dynamically changed.

Scenario

Step 1: Set the following configuration in DUT0:

set system login role custom_role level 8
set system login user admin authentication encrypted-password '$6$GSjsCj8gHLv$/VcqU6FLi6CT2Oxn0MJQ2C2tqnRDrYKNF8HIYWJp68nvXvPdFccDsT04.WtigUONbKYrgKg8d6rEs8PjljMkH0'
set system login user teldat authentication encrypted-password '$6$e/9RAldTlftpIX5z$PSac7GVjfaleyjcGJpK7tY9qYvX5XRHniCtYty18NOUnCX8OPIUCOn.FLTU89wjXfOys5oC8ZdqclfiMzlTeZ.'
set system login user teldat role custom_role

Step 2: Run command service cnm restart at DUT0 and expect this output:

Show output

CLI Error: Insufficient privileges

Step 3: Run command show running at DUT0 and expect this output:

Show output

# Teldat OSDx VM version v4.2.1.0
# Mon 07 Oct 2024 10:57:57 +00:00
# Warning: Configuration has not been saved
set system login role custom_role level 8
set system login user admin authentication encrypted-password '$6$GSjsCj8gHLv$/VcqU6FLi6CT2Oxn0MJQ2C2tqnRDrYKNF8HIYWJp68nvXvPdFccDsT04.WtigUONbKYrgKg8d6rEs8PjljMkH0'
set system login user teldat authentication encrypted-password '$6$e/9RAldTlftpIX5z$PSac7GVjfaleyjcGJpK7tY9qYvX5XRHniCtYty18NOUnCX8OPIUCOn.FLTU89wjXfOys5oC8ZdqclfiMzlTeZ.'
set system login user teldat role custom_role

Step 4: Run command show date at DUT0 and expect this output:

Show output

Mon 07 Oct 2024 10:57:57 +00:00

Step 5: Login as admin user on DUT0.

Step 6: Modify the following configuration lines in DUT0:

set system login role custom_role level 14

Step 7: Run command service cnm restart at DUT0 and expect this output:

Show output

service inactive. doing nothing.

Step 8: Run command show running at DUT0 and expect this output:

Show output

# Teldat OSDx VM version v4.2.1.0
# Mon 07 Oct 2024 10:58:01 +00:00
# Warning: Configuration has not been saved
set system login role custom_role level 14
set system login user admin authentication encrypted-password '$6$GSjsCj8gHLv$/VcqU6FLi6CT2Oxn0MJQ2C2tqnRDrYKNF8HIYWJp68nvXvPdFccDsT04.WtigUONbKYrgKg8d6rEs8PjljMkH0'
set system login user teldat authentication encrypted-password '$6$e/9RAldTlftpIX5z$PSac7GVjfaleyjcGJpK7tY9qYvX5XRHniCtYty18NOUnCX8OPIUCOn.FLTU89wjXfOys5oC8ZdqclfiMzlTeZ.'
set system login user teldat role custom_role

Step 9: Run command show date at DUT0 and expect this output:

Show output

Mon 07 Oct 2024 10:58:01 +00:00

Step 10: Login as admin user on DUT0.

Step 11: Modify the following configuration lines in DUT0:

set system login role custom_role level 3

Step 12: Run command service cnm restart at DUT0 and expect this output:

Show output

CLI Error: Insufficient privileges

Step 13: Run command show running at DUT0 and expect this output:

Show output

CLI Error: Insufficient privileges

Step 14: Run command show date at DUT0 and expect this output:

Show output

Mon 07 Oct 2024 10:58:05 +00:00

Step 15: Login as admin user on DUT0.

---