- Print
- PDF
You can configure each unit to be managed by several users, each with different privileges. Privileges, also referred to as permissions, are used to grant precise levels of access to different user groups. You may choose to limit certain users to only specific configuration options, such as firmware updates, ports, etc., while others have full access to all features.
Note: You must define the permissions to assign to user groups before defining user accounts.
Setting Up Administrator Accounts
Two administrator accounts are created by default:
- One administrator account for general purposes; its username and password are both set to admin
- One special administrator account to allow communication with the sensor orchestration
capabilities within Provider Connectivity Assurance (formerly Skylight orchestrator). Its username and password are both set to ptadmin.
Usernames and passwords are case-sensitive. It is recommended that you change the default passwords immediately after installation to safeguard the system (refer to "Changing Passwords"). The administrator accounts provide access to all features.
Note: To prevent losing administrator access to the Cisco Provider Connectivity Assurance Sensor Control, you cannot modify the administrator account privileges or delete the administrator accounts.
CAUTION: If you, as the administrator, forget your username or password the only way to regain access to the management Web interface is to perform a factory reset. Refer to "Restoring Factory Default Settings".
Adding or Editing User Accounts
▶ To add or edit a user account
Access the page System ▶ Sessions ▶ Users.
A list of all user accounts that have been created for this instance of the Sensor Control is displayed.Click Add or click a User Name if you want to edit a user account.
In the [User name] user settings page, complete the fields, then click Apply.
For more information on specific parameters, refer to the following table.
User Settings (System ▶ Session ▶ Users)
Parameter | Description |
---|---|
User name | The login name for the account. |
First name | The account holder's first name. |
Last name | The account holder's last name. |
Phone number | The account holder's phone number. |
The account holder's email address. | |
Password | Enter the password for this account. Note: Passwords for locally-authenticated users are limited to 48 characters. |
Confirm Password | Re-enter the password for this account. |
Setting Permissions for a User Account
You can grant different privileges or permissions to each user account, if you have already defined both the user account and permission groups.
CAUTION: Modifying or reassigning the user groups for your account may result in you being unable to perform some tasks.
▶ To give privileges to a user account
Access the page System ▶ Sessions ▶ Users.
Click the user name that you want to edit.
In the [User Name] user settings page, click the Permission button.
The user's User Permission page is displayed. All available user permission groups are listed.
Note: You can create more groups in the Session ▶ Permissions page.Select the user groups that you want to assign to this user, then click Apply.
Changing Passwords
▶ To change a user's password
Access the page System ▶ Sessions ▶ Users.
Click the user name that you want to edit.
Enter the user's new password in both the Password and Confirm Password fields, then click Apply.
Note: If you forget your username or password, contact your Administrator for a password reset.
For more information on specific parameters, refer to the table "User Settings (System ▶ Session ▶ Users)".
Defining Permissions for a Group of Users
You must first define group permissions, including sub permissions, before you can assign users to groups.
▶ To define permissions for a group of users
Access the page System ► Session ► Permissions.
Click Add or click the Group Name that you want to edit.
Select the Privileges to assign to the selected user group, for sub-permissions click the + before the name of the privilege and then select from the sub-permissions group.
Click Apply.
Note: You cannot change the privileges of user group Admin. This user group has full access to all functions.
For more information on specific parameters, see below.
Group Privileges (System ► Session ► Permissions) Parameters
Group name: The name of the user permission group
Privileges: The privileges given to the user permission group allow its members to use specified Sensor Control functionality.
The following commands can be used by all users regardless of their privileges:
- board
- date
- exit
- help
- ping
- quit
- sfp
- syntax
- tcp-connect
- traceroute
- version
ACL: Edit/Enable ACL settings.
Alarms: Edit/Add/Enable alarm reporting configurations.
CFM: Edit/Add the SOAM CFM feature.
+ Config: Import/Export configuration files through CLI.
Sub-Permissions:
- import
- export
- rollback
- factory
Discovery: Add/Edit/Delete/Show discovery instance.
Feature-Suites: Import/Delete/Show feature suites.
Filters: Edit/Add Layer-2 filters, IPv4 filters and VLAN:
- filter
- vid-set
+ Firmware: Upgrade firmware.
Sub-Permissions:
- upgrade
- rollback
flow broker: Edit/Show flow broker information.
flowmeter: Edit/Show flowmeter information.
History: Edit the history bucket statistics.
Log: Edit syslog configuration and view logged entries.
Loopback: Add/Edit/Enable loopback.
Management: Edit/Add management access to the Sensor Control:
- dns
- interface
- inventory
- license
- motd
- ntp
- ptp
- route
- sfp
- snmp
- snmp-trap
Policies: Edit/Add/Enable policies for filtering traffic.
Port: Edit/Add/Enable port configurations:
- port
- statistics
RFC-2544: Add/Edit/Enable the RFC-2544 menu.
+ Remote-Device-Mgnt: Add/Edit/Delete/Show remote device information.
Sub-Permissions:
- firmware
- delete
- reboot
- delete reboot
- factory reset
SAT-protocol: Edit/Enable Service Activation Testing protocol.
SAT-reporting: Edit/Enable Service Activation Testing reporting.
Security-Key: Import/Test/Edit/Show remote device key management settings.
+ Sessions: Manage sessions and edit session configuration:
- RADIUS
- TACACS+
- reboot
- session
Sub-Permissions:
- reboot
TWAMP: Edit/Enable TWAMP settings.
Traffic: Edit/Enable VLAN encapsulation settings.
Users: Edit/Add and manage user accounts and permissions:
- permission-group
- user
VNID: Edit V-NID reflector settings.
Virtual-connection: Add/Delete/Enable/Edit/Show vce configuration.
Y.1564: Edit/Add/Enable Y.1564 test methodology
All-add: Permission to add in all sections that are viewable
All-edit: Permission to edit in all sections that are viewable
All-enable: Permission to enable in all sections that are viewable
© 2024 Cisco and/or its affiliates. All rights reserved.
For more information about trademarks, please visit: Cisco trademarks
For more information about legal terms, please visit: Cisco legal terms
For legal information about Accedian Skylight products, please visit: Accedian legal terms and tradmarks