Check Roles

This scenario shows how to configure and use OSDx user roles.

Test Monitor Role

Description

A new user teldat is created using the predefined monitor role. This kind of role allows the execution of a reduced set of operational commands.

Scenario

Step 1: Set the following configuration in DUT0 :

set system login user admin authentication encrypted-password '$6$GSjsCj8gHLv$/VcqU6FLi6CT2Oxn0MJQ2C2tqnRDrYKNF8HIYWJp68nvXvPdFccDsT04.WtigUONbKYrgKg8d6rEs8PjljMkH0'
set system login user teldat authentication encrypted-password '$6$FEhWXb2xEDWrgmqb$IhYDKVzmsVf2ZIql2YyXHZSfNfzgiOgrQCw4JX5gyHY.7kUg.1FdGi0nU/ga1m0sRZczcQSAwWQPyTBE76i6C0'
set system login user teldat role monitor

Step 2: Run command service cnm restart at DUT0 and expect this output:

Step 3: Run command show running at DUT0 and expect this output:

Step 4: Run command show date at DUT0 and expect this output:

Step 5: Login as admin user on DUT0.

Note

Dynamically change the required user-level for some specific operational commands.

Step 6: Modify the following configuration lines in DUT0 :

set user-level 0 command 'show running'
set user-level 10 command 'show date'

Step 7: Run command service cnm restart at DUT0 and expect this output:

Step 8: Run command show running at DUT0 and expect this output:

Step 9: Run command show date at DUT0 and expect this output:

Step 10: Login as admin user on DUT0.

Test Operator Role

Description

A new user teldat is created using the predefined operator role. This kind of role allows the execution of some operational commands.

Scenario

Step 1: Set the following configuration in DUT0 :

set system login user admin authentication encrypted-password '$6$GSjsCj8gHLv$/VcqU6FLi6CT2Oxn0MJQ2C2tqnRDrYKNF8HIYWJp68nvXvPdFccDsT04.WtigUONbKYrgKg8d6rEs8PjljMkH0'
set system login user teldat authentication encrypted-password '$6$815dGrDbBkqqX0Mc$5k3Xb3qN2eb9kRSYRyf30Qsm9MlxTFg/n5V4MikVtqZZvRobltw8aIhETcuA5PMGAgyZW8EEYvvISeZHLi6Sy/'
set system login user teldat role operator

Step 2: Run command service cnm restart at DUT0 and expect this output:

Step 3: Run command show running at DUT0 and expect this output:

Step 4: Run command show date at DUT0 and expect this output:

Step 5: Login as admin user on DUT0.

Note

Dynamically change the required user-level for some specific operational commands.

Step 6: Modify the following configuration lines in DUT0 :

set user-level 0 command 'show running'
set user-level 10 command 'show date'

Step 7: Run command service cnm restart at DUT0 and expect this output:

Step 8: Run command show running at DUT0 and expect this output:

Step 9: Run command show date at DUT0 and expect this output:

Step 10: Login as admin user on DUT0.

Test Admin Role

Description

A new user teldat is created using the predefined admin role. This kind of role allows the execution of all operational commands and has access to the configuration menu.

Scenario

Step 1: Set the following configuration in DUT0 :

set system login user admin authentication encrypted-password '$6$GSjsCj8gHLv$/VcqU6FLi6CT2Oxn0MJQ2C2tqnRDrYKNF8HIYWJp68nvXvPdFccDsT04.WtigUONbKYrgKg8d6rEs8PjljMkH0'
set system login user teldat authentication encrypted-password '$6$oh42uMoE0td3H/d4$u5R7E/rVIrUtet.J.vwhGCCVqtJBQEslkCqgnpcJwGDVP5yXjD..KUiP19oy7D1/Q7ZKu12EGN4rKUcuFFJm41'
set system login user teldat role admin

Step 2: Run command service cnm restart at DUT0 and expect this output:

Step 3: Run command show running at DUT0 and expect this output:

Step 4: Run command show date at DUT0 and expect this output:

Step 5: Login as admin user on DUT0.

Note

Dynamically change the required user-level for some specific operational commands.

Step 6: Modify the following configuration lines in DUT0 :

set user-level 0 command 'show running'
set user-level 10 command 'show date'

Step 7: Run command service cnm restart at DUT0 and expect this output:

Step 8: Run command show running at DUT0 and expect this output:

Step 9: Run command show date at DUT0 and expect this output:

Step 10: Login as admin user on DUT0.

Test Custom Role

Description

A new user teldat is created using a custom role. The user-level can be dynamically changed.

Scenario

Step 1: Set the following configuration in DUT0 :

set system login role custom_role level 8
set system login user admin authentication encrypted-password '$6$GSjsCj8gHLv$/VcqU6FLi6CT2Oxn0MJQ2C2tqnRDrYKNF8HIYWJp68nvXvPdFccDsT04.WtigUONbKYrgKg8d6rEs8PjljMkH0'
set system login user teldat authentication encrypted-password '$6$waKooyPv2K1czasO$u6F9KQ0RUQsh3miUEJViOOm7II41NQSDN8rZeWuCHbMw8Zx1pYHea4YY4OiolsPfjrowhMAPgZlKLT6lE5wK9.'
set system login user teldat role custom_role

Step 2: Run command service cnm restart at DUT0 and expect this output:

Step 3: Run command show running at DUT0 and expect this output:

Step 4: Run command show date at DUT0 and expect this output:

Step 5: Login as admin user on DUT0.

Step 6: Modify the following configuration lines in DUT0 :

set system login role custom_role level 14

Step 7: Run command service cnm restart at DUT0 and expect this output:

Step 8: Run command show running at DUT0 and expect this output:

Step 9: Run command show date at DUT0 and expect this output:

Step 10: Login as admin user on DUT0.

Step 11: Modify the following configuration lines in DUT0 :

set system login role custom_role level 3

Step 12: Run command service cnm restart at DUT0 and expect this output:

Step 13: Run command show running at DUT0 and expect this output:

Step 14: Run command show date at DUT0 and expect this output:

Step 15: Login as admin user on DUT0.