beautypg.com

Enhancing access privileges – Brocade Virtual ADX Administration Guide (Supporting ADX v03.1.00) User Manual

Page 47

background image

Brocade Virtual ADX Administration Guide

35

53-1003249-01

Configuring access control

1

The any option would allow the password to be modified from a serial port, Telnet session, or
through IronView.

Enhancing access privileges

You can augment the default access privileges for an access level. When you configure a user
account, you can give the account one of three privilege levels: full access, port-configuration
access, and read-only access. Each privilege level provides access to specific areas of the CLI by
default:

Full access provides access to all commands and displays.

Port-configuration access gives access to:

The User EXEC and Privileged EXEC levels

The port-specific parts of the CONFIG level

All interface configuration levels

Read-only access gives access to:
The User EXEC and Privileged EXEC levels

To enhance the port-configuration privilege level so users also can enter ip commands at the global
CONFIG level (useful for adding IP addresses for multinetting), enter a command such as the
following.

Virtual ADX(config)#privilege configure level 4 ip

This command specifies that the enhanced access is for a command at the global CONFIG level of
the CLI. The level 4 parameter indicates that the enhanced access is for privilege level 4
(port-configuration). All users with port-configuration privileges will have the enhanced access. The
ip parameter indicates that the enhanced access is for the IP commands. Users who log in with
valid port-configuration level user names and passwords can enter commands that begin with “ip”
at the global CONFIG level.

Syntax: [no] privilege cli-level level privilege-level command-string

The cli-level variable specifies the CLI level and can be one of the following values:

exec – EXEC level; for example, Virtual ADX

>

or Virtual ADX

#

configure – CONFIG level; for example, Virtual ADX

(config)#

interface – interface level; for example, Virtual ADX

(config-if-6)#

port-vlan – port-based VLAN level; for example, Virtual ADX

(config-vlan)#

protocol-vlan – protocol-based VLAN level; for example, Virtual ADX

(config-vlan)#

The privilege-level variable indicates the privilege level you are augmenting.

The level parameter specifies the privilege-level. You can specify one of the following:

0 – Full access (super-user)

4 – Port-configuration access

5 – Read-only access

The command-string variable specifies the command you are allowing users with the specified
privilege level to enter. To display a list of the commands at a CLI level, enter “?” at that level's
command prompt and press Return.

See also other documents in the category Brocade Computer Accessories: