beautypg.com

Nortel Networks NN46120-104 User Manual

Page 84

background image

84

Managing Users and Groups

the

certadmin

group should know the export passphrase. The

export passphrase can contain spaces and is case sensitive.

>> User cert_admin# ../caphrase

Enter new passphrase:

Re-enter to confirm:

Passphrase changed.

9

Remove the

admin

user from the

certadmin

group.

Again, this step is only necessary if you want to fully separate
the Certificate Administrator user role from the Administrator user
role. Note however, once the

admin

user is removed from the

certadmin

group, only a user who is already a member of the

certadmin

group can grant the

admin

user

certadmin

group

membership.

When the

admin

user is removed from the

certadmin

group,

only the Certificate Administrator user can access the Certificate
menu (

/cfg/cert

).

>> User# edit admin

>> User admin# groups/list

1:

tunnelguard

2:

admin

3:

oper

4:

certadmin

>> Groups# del 4

Note: It is critical that a Certificate Administrator user is
created and assigned

certadmin

group membership before

the

admin

user is removed from the

certadmin

group.

Otherwise there is no way to assign

certadmin

group

membership to a new user, or to restore

certadmin

group

membership to the

admin

user, should it become necessary.

10

Verify and apply the changes.

>> Groups# list

Old:

1:

tunnelguard

2:

admin

3:

oper

4:

certadmin

Pending:

1:

tunnelguard

Nortel VPN Gateway

User Guide

NN46120-104

02.01

Standard

14 April 2008

Copyright © 2007-2008 Nortel Networks

.