User Group Permissions

User Group Permissions

Nodegrid allows you to create users and groups, and set the appropriate permissions for them.

For example, user John belongs to group system-test, and the this group will be able to configure Nodegrid, track system information, and terminate session.

Here is the configuration for this scenario:

Configuration via WebUI

1. Log in as admin, and go to Security page.

2. In Local Accounts page, click on Add button.

3. Enter username john, and his password, e.g., john. Save.

4. Then go to Authorization.

5. Click on Add and enter the group name, e.g. system-test.

6. Then click on the name system-test.

7. Click on Add in Members page, and add john moving from the left to the right list. Save.

8. Click on Profile, and move the following permissions from the left to the right list:

- Configure System

- Track System Information

- Terminate Sessions

and Save.

9. Click on Devices, and then Add. Move the devices from the left to the right list. Save.

10. After that go to Services, and enable "Device access enforced via user group authorization" parameter. Save.

Configuration via CLI

1. Access Nodegrid via ssh, telnet, or console and log in as admin

2. Copy the following lines below, and paste them at the CLI prompt:

add /settings/local_accounts/

set username=john

set password=john


add /settings/authorization/

set name=system-test


add /settings/authorization/system-test/members

set local_users=john


set /settings/authorization/system-test/profile/ configure_system=yes

set /settings/authorization/system-test/profile/ track_system_information=yes

set /settings/authorization/system-test/profile/ terminate_sessions=yes


set /settings/authorization/system-test/profile/ devices=<device1>,<device2>,<device3>


set /settings/services/ device_access_per_user_group_authorization=yes


Note: you can also add remote users (e.g, from Radius, Tacacs+, LDAP/AD user database) to the Nodegrid User Groups.

In step 7 (from Configuration via WebUI), add the remote users in the 'Remote Users' field, separated with comma.

To add remote users via CLI, then type the following:

add /settings/authorization/system-test/members

set remote_users=usera,userb,userc


    • Related Articles

    • How to Configure Active Directory or LDAP Authentication Provider

      Version 0.1 (08 May 2018) Overview NodeGrid supports the authentication and authorization of users through different authentication providers, like LDAP. This guide will look at the different authentication options which are available with LDAP or AD ...
    • System Configuration Checksum

      ​Nodegrid system configuration checksum is a feature which creats a checksum for all the configuration files inside Nodegrid. This provides administrators a quick tool to verify periodically if the configuration has changed, and can be used for ...
    • Message: Error Reading SSH Protocol Banner

      Nodegrid allows 10 ssh connections enqueued during protocol negotiation phase. So if you launch more than 10 ssh sessions in parallel, there is a chance that some will be denied. This is a regular approach taken by ssh daemon to prevent denial of ...
    • Network Configuration via CLI

      Example of configuring the ETH0 interface via CLI (please, replace the network values with your own information). Log in as admin to the Nodegrid console port or HDMI Type the following commands (in bold): [admin@nodegrid /]# cd ...
    • Letter of Volatility - How to Permanently Erase User Data From Nodegrid appliances

      ZPE takes security very seriously and we are glad to share the volatility information of our products with you. In normal operation, user data resulting from keystrokes, managed devices output and device monitoring data passing through our product ...