User Group Permissions

            Nodegrid allows you to create users and groups, and set the appropriate permissions for them.

            For example, user John belongs to group system-test, and the this group will be able to configure Nodegrid, track system information, and terminate session.

            Here is the configuration for this scenario:

            Configuration via WebUI

            1. Log in as admin, and go to Security page.

            2. In Local Accounts page, click on Add button.

            3. Enter username john, and his password, e.g., john. Save.

            4. Then go to Authorization.

            5. Click on Add and enter the group name, e.g. system-test.

            6. Then click on the name system-test.

            7. Click on Add in Members page, and add john moving from the left to the right list. Save.

            8. Click on Profile, and move the following permissions from the left to the right list:

            - Configure System

            - Track System Information

            - Terminate Sessions

            and Save.

            9. Click on Devices, and then Add. Move the devices from the left to the right list. Save.

            10. After that go to Services, and enable "Device access enforced via user group authorization" parameter. Save.

            Configuration via CLI

            1. Access Nodegrid via ssh, telnet, or console and log in as admin

            2. Copy the following lines below, and paste them at the CLI prompt:

            add /settings/local_accounts/

            set username=john

            set password=john


            add /settings/authorization/

            set name=system-test


            add /settings/authorization/system-test/members

            set local_users=john


            set /settings/authorization/system-test/profile/ configure_system=yes

            set /settings/authorization/system-test/profile/ track_system_information=yes

            set /settings/authorization/system-test/profile/ terminate_sessions=yes


            set /settings/authorization/system-test/profile/ devices=<device1>,<device2>,<device3>


            set /settings/services/ device_access_per_user_group_authorization=yes


            Note: you can also add remote users (e.g, from Radius, Tacacs+, LDAP/AD user database) to the Nodegrid User Groups.

            In step 7 (from Configuration via WebUI), add the remote users in the 'Remote Users' field, separated with comma.

            To add remote users via CLI, then type the following:

            add /settings/authorization/system-test/members

            set remote_users=usera,userb,userc


            Updated: 03 Aug 2019 11:06 AM
            Help us to make this article better
            0 0