3 router users – Allied Telesis AT-WR4500 User Manual

AT-WR4500 Series - IEEE 802.11abgh Outdoor Wireless Routers

147

RouterOS v3 Configuration and User Guide

Example

To add reboot group that is allowed to reboot the router locally or using telnet, as well as read the
router's configuration, enter the following command:

[admin@rb13] user group> add name=reboot policy=telnet,reboot,read,local
[admin@rb13] user group> print
0 name="read" policy=local,telnet,ssh,reboot,read,test,winbox,password,web,
sniff,!ftp,!write,!policy

1 name="write" policy=local,telnet,ssh,reboot,read,write,test,winbox,password,
web,sniff,!ftp,!policy

2 name="full" policy=local,telnet,ssh,ftp,reboot,read,write,policy,test,winbox,
password,web,sniff
3 name="reboot" policy=local,telnet,reboot,read,!ssh,!ftp,!write,!policy,!test,
!winbox,!password,!web,!sniff
[admin@rb13] user group>

7.3.3

Router Users

Submenu level: /user

Description

Router user database stores the information such as username, password, allowed access addresses and
group about router management personnel.

Property Description

address (IP address/netmask; default: 0.0.0.0/0) - host or network address from which the user is
allowed to log in
group (name) - name of the group the user belongs to
name (name) - user name. Although it must start with an alphanumeric character, it may contain "*", "_",
"." and "@" symbols
password (text; default: "") - user password. If not specified, it is left blank (hit [Enter] when logging in).
It conforms to standard Unix characteristics of passwords and may contain letters, digits, "*" and "_"
symbols

There is one predefined user with full access rights:

[admin@AT-WR4562] user> print
Flags: X - disabled
# NAME GROUP ADDRESS
0 ;;; system default user
admin full 0.0.0.0/0

[admin@AT-WR4562] user>

There always should be at least one user with fulls access rights. If the user with full access rights is the
only one, it cannot be removed.