Role-based access control, Default roles, Configuring a user alias – Brocade Network OS NETCONF Operations Guide v4.1.1 User Manual
Page 211

Network OS NETCONF Operations Guide
179
53-1003231-02
Role-based access control
15
Configuring a user alias
The global alias is accessible across all users. The user-level alias is accessible only when the
respective user logs in.
1. Issue the
urn:brocade.com:mgmt:brocade-aaa namespace.
2. Under the
define the alias configuration.
Role-based access control
Network OS uses role-based access control (RBAC) as the authorization mechanism. You can
create roles dynamically and associate them with rules to define the permissions applicable to a
particular role. Every user account must be associated with a role and only a single role can be
associated with any given account.
RBAC specifies access rights to resources. When a user executes a command, privileges are
evaluated to determine access to the command based on the role of the user.
In Logical chassis cluster mode, the configuration is applied to all nodes in the cluster.
Default roles
All Brocade VDX switches support two default roles, “user” and “admin.” You cannot modify the
attributes of default roles; however, you can assign the default roles to non-default user accounts.
The default roles have the following access privileges:
•
The user role has limited privileges that are mostly restricted to executing show commands in
the Privileged EXEC mode. User accounts associated with the user role cannot access
configuration commands that are available only in global configuration mode.