|
|
This chapter contains the following sections:
With the Access Manager, you can set up the following levels of administrative access to Cisco UGM managed devices and their subcomponents:
 |
Note When setting up security management, first create the access specifications, then the user groups, and finally the users. |
You can assign these features and access specifications to levels of Cisco UGM users.
| Feature List | Description |
|---|---|
UGM_ASMainEM_All_Properties_Dialogs | All properties dialog boxes for access server chassis. |
UGM_ASMainEM_CLIShowCommands | All CLI show command dialog boxes. |
UGM_ASMainEM_Chassis_And_Card_Commissioning | Card and chassis commissioning dialog boxes. |
UGM_ASMainEM_FileExport_Configuration | All file export configuration dialog boxes. |
UGM_ASMainEM_Configure_Admin_States | Configure administrative state dialog box. |
UGM_ASMainEM_PerformancePollingConfig | Performance polling configuration and start/stop dialog boxes. |
UGM_ASMainEM_Provision_AccessServers | Manual deployment of access servers dialog boxes. |
UGM_ASMainEM_TrapForwarding | All trap forwarding configuration dialog boxes. |
UGM_ASMainEMCiscoView | CiscoView application invocation dialog boxes. |
UGM_IOSFmgrEMDialogFeatureList | All NAS file repository dialog boxes. |
| UGM_IOSFmgrEMProvisioningFeatureList | File import dialog boxes for the NAS file repository. |
UGM_IOSMgrDialogFeatureList | IOS operations and scheduled actions properties dialog boxes. |
UGM_commonEMDialogFeatureList | Device readiness, device information, log configuration, group authentication, and telnet dialog boxes. |
UGM_commonEMProvisioningFeatureList | Deployment of group authentication objects dialog boxes. |
|
Note You can modify these access specifications, or add new ones. |
| Access Specification | Permission | Feature Lists |
|---|---|---|
UGM_ASMainEM_All_Features | Read-Write-Admin | UGM_ASMainEM_All_Properties_Dialogs UGM_ASMainEM_CLIShowCommands UGM_ASMainEM_Chassis_And_Card_Commissioning UGM_ASMainEM_FileExport_Configuration UGM_ASMainEM_Configure_Admin_States UGM_ASMainEM_PerformancePollingConfig UGM_ASMainEM_Provision_AccessServers UGM_ASMainEM_TrapForwarding |
UGM_ASThirdParty | Read-Write-Admin | UGM_ASMainEMCiscoView |
UGM_IOSMgr | Read-Write-Admin | UGM_IOSMgrDialogFeatureList |
UGM_IOSFmgrEM | Read-Write-Admin | UGM_IOSFmgrEMDialogFeatureList UGM_IOSFmgrEMProvisioningFeatureList |
UGM_commonEM | Read-Write-Admin | UGM_commonEMDialogFeatureList UGM_commonEMProvisioningFeatureList |
| Feature | Permission |
|---|---|
ASEMSEventBrowser | Read |
ProvisionASMainEMASMainEM | Read-Write |
ProvisionASMainEMcontainer | Read-Write |
ASMainEMAS5350ChassisOpenShow5350Service | Read-Write |
ASMainEMAS5400ChassisOpenShow5400Service | Read-Write |
ASMainEMAS5800ChassisOpenShow5800Service | Read-Write |
ASMainEMAS5850ChassisOpenShow5850Service | Read-Write |
ASMainEMContainerOpenShow5350Service | Read-Write |
ASMainEMContainerOpenShow5400Service | Read-Write |
ASMainEMContainerOpenShow5850Service | Read-Write |
ASMainEMContainerOpenShow5800Service | Read-Write |
ASMainEMASGenericChassisOpenAccessServerChassisService | Read |
ASMainEMASGenericChassisOpenCardPropertiesService | Read |
ASMainEMASGenericChassisOpenDs1e1propertiesService | Read |
ASMainEMASGenericChassisOpenDS3PropertiesService | Read |
ASMainEMASGenericChassisOpenEthernetPortService | Read |
ASMainEMASGenericChassisOpenChannelStatisticsService | Read |
ASMainEMASUPCardOpenModemUniversalPortService | Read |
ASMainEMASGenericChassisOpenChassisCommissioningService | Read-Write |
ProvisionASMainEMASTrapForward | Read-Write |
ASMainEMASCT3CardOpenDS3PropertiesService | Read |
ASMainEMASGenericCardOpenCardPropertiesService | Read |
ASMainEMASDS1E1OpenChannelStatisticsService | Read |
ASMainEMASEMSOpenEMSAboutService | Read |
ASMainEMContainerOpenStartStopPerfPollingService | Read-Write |
ASMainEMASDS1E1OpenDs1e1propertiesService | Read |
ASMainEMASPerPollConfigOpenStartStopPerfPollingService | Read-Write |
ASMainEMASPerPollConfigOpenGlobalPerfPollConfigService | Read-Write |
ASMainEMASGenericNetworkIfOpenEthernetPortService | Read |
ASMainEMASGenericChassisOpenModemUniversalPortService | Read |
ASMainEMContainerOpenChassisCommissioningService | Read-Write |
ASMainEMASModemCardOpenModemUniversalPortService | Read |
ASMainEMAST1E1CardOpenDs1e1propertiesService | Read |
ASMainEMASDS3PortOpenDS3PropertiesService | Read |
ProvisionASMainEMASTrapForwardHost | Read-Write |
ASMainEMASSPEOpenModemUniversalPortService | Read |
ASMainEMASGenericShutDownableOpenConfigureAdminStateService | Read-Write |
ASMainEMASModemOpenModemUniversalPortService | Read |
ASMainEMASFileExportOpenFileExportService | Read-Write |
ASMainEMASDS0ChannelOpenChannelStatisticsService | Read |
ASMainEMContainerOpenAccessServerChassisService | Read |
ASMainEMASUniversalPortOpenModemUniversalPortService | Read-Write |
ASMainEMASGenericCardOpenCardCommissioningService | Read-Write |
ASMainEMASTrapForwardOpenTrapForwardService | Read-Write |
IOSFmgrEMIOSFileVersionDeleteService | Read-Write |
IOSFmgrEMIOSFileCategoryOpenObjectConfigService | Read-Write |
IOSFmgrEMIOSDeviceTypeOpenObjectConfigService | Read-Write |
IOSFmgrEMIOSTemplateCategoryOpenObjectConfigService | Read-Write |
IOSFmgrEMIOSFileVersionOpenObjectConfigService | Read-Write |
IOSFmgrEMIOSAS5350TemplateVersionOpenObjectConfigService | Read-Write |
IOSFmgrEMIOSAS5400TemplateVersionOpenObjectConfigService | Read-Write |
IOSFmgrEMIOSAS5800TemplateVersionOpenObjectConfigService | Read-Write |
IOSFmgrEMIOSAS5850RSC6TemplateVersionOpenObjectConfigService | Read-Write |
IOSFmgrEMIOSAS5850RSC7TemplateVersionOpenObjectConfigService | Read-Write |
IOSFmgrEMIOSAS5850RSC6TemplateVersionOpenBuildConfigFileFrom5850RSCSlot6TemplateService | Read-Write |
IOSFmgrEMIOSAS5850RSC7TemplateVersionOpenBuildConfigFileFrom5850RSCSlot7TemplateService | Read-Write |
IOSFmgrEMIOSFileVersionOpenReassociateService | Read-Write |
IOSFmgrEMIOSTechObjOpenAssociateService | Read-Write |
IOSFmgrEMIOSAS5400TemplateVersionOpenBuildConfigFileFrom5400TemplateService | Read-Write |
IOSFmgrEMIOSAS5350TemplateVersionOpenBuildConfigFileFrom5350TemplateService | Read-Write |
IOSFmgrEMIOSAS5800TemplateVersionOpenBuildConfigFileFrom5800TemplateService | Read-Write |
IOSFmgrEMIOSConfigFileCategoryOpenViewFileService | Read-Write |
IOSFmgrEMIOSConfigFileVersionOpenViewFileService | Read-Write |
ProvisionIOSFmgrEMNAS-File-Repository | Read-Write |
ProvisionIOSFmgrEMIOSFileCategory | Read-Write |
ProvisionIOSFmgrEMIOSDeviceType | Read-Write |
IOSMgrIOSScheduledActionOpenScheduledActionPropertiesService | Read-Write |
IOSMgrIOSManageableOpenIOSOperationsDialogService | Read-Write |
IOSMgrContainerOpenScheduledActionPropertiesService | Read-Write |
IOSMgrContainerOpenIOSOperationsDialogService | Read-Write |
CommonEMContainerOpenDevInfoService | Read-Write |
CommonEMCommonIOSDeviceOpenDevInfoService | Read-Write |
CommonEMCommonctrlLogOpenLogLevelConfigService | Read-Write |
CommonEMContainerOpenDevLoginConfigService | Read-Write |
CommonEMCommonIOSDeviceOpenDevLoginConfigService | Read-Write |
CommonEMCommonSystemObjectOpenSystemObjectSettingsService | Read-Write |
CommonEMCommonGroupAuthOpenGroupAuthConfigService | Read-Write |
ProvisioncommonEMcommonEM | Read-Write |
CommonEMTelnetService | Read-Write |
|
Note You can create an access specification without an associated user group or feature lists. |
Step 1 Start the Access Manager from the Launchpad.
Step 2 In the Access Manager window, choose Edit > Create > Access Specification.
Step 3 Enter an Access Specification name, whether you want to replicate another access specification, features and feature lists, level of access (Read-only, Read-Write, or Read-Write-Admin) a user group to which to assign this Access Specification (blank if this is the first time you are setting up system security).
Step 1 In the Access Manager window, choose Edit > Create > User Group.
Step 2 Enter a group name, whether you want to replicate another group, users to include in this group (blank if this is the first time you are setting up system security), and access specifications for this group.
|
Note You can assign a user to more than one user group; however, if you assign several permission levels to the same user, Cisco UGM reads the highest permission level that is assigned to this user and establishes that permission level for the user through all the groups. |
Step 1 In the Access Manager window, choose Edit > Create > User.
Step 2 Enter a login name, first name, surname, e-mail address, and whether you want to replicate another user, group membership, password, and user description.
 |
Tip Only a system administrator can modify an Access Manager User, User Group, or Access Specification. |
You can modify security entities from the Access Manager GUI by selecting the Edit > Modify menu option, or by selecting the object on the Access Manager GUI screen and double-clicking it.
Posted: Sat Sep 28 16:52:45 PDT 2002
All contents are Copyright © 1992--2002 Cisco Systems, Inc. All rights reserved.
Important Notices and Privacy Statement.