Nortel Networks NN46120-104 User Manual
Page 84
84
Managing Users and Groups
the
certadmin
group should know the export passphrase. The
export passphrase can contain spaces and is case sensitive.
>> User cert_admin# ../caphrase
Enter new passphrase:
Re-enter to confirm:
Passphrase changed.
9
Remove the
admin
user from the
certadmin
group.
Again, this step is only necessary if you want to fully separate
the Certificate Administrator user role from the Administrator user
role. Note however, once the
admin
user is removed from the
certadmin
group, only a user who is already a member of the
certadmin
group can grant the
admin
user
certadmin
group
membership.
When the
admin
user is removed from the
certadmin
group,
only the Certificate Administrator user can access the Certificate
menu (
/cfg/cert
).
>> User# edit admin
>> User admin# groups/list
1:
tunnelguard
2:
admin
3:
oper
4:
certadmin
>> Groups# del 4
Note: It is critical that a Certificate Administrator user is
created and assigned
certadmin
group membership before
the
admin
user is removed from the
certadmin
group.
Otherwise there is no way to assign
certadmin
group
membership to a new user, or to restore
certadmin
group
membership to the
admin
user, should it become necessary.
10
Verify and apply the changes.
>> Groups# list
Old:
1:
tunnelguard
2:
admin
3:
oper
4:
certadmin
Pending:
1:
tunnelguard
Nortel VPN Gateway
User Guide
NN46120-104
02.01
Standard
14 April 2008
Copyright © 2007-2008 Nortel Networks
.