...
Create an Object with a Privilege Tag
This is accomplised accomplished via the CLI. An object in this case is a specific interface on a network device.
...
/usr/local/omk/bin/oprbac_admin.exe act=create-object path=root,opflowsp,agent,<IP Address>,interface,<SNMP IF Number> read_privileges=<Privilege Tag>
- IP Address: The IP address that the network device uses to source flow data.
- SNMP IF Number: This is the SNMP index number of the interface in question.
- Privilege Tag: This tag user defined and will be assigned to a role.
Associate a Privilege Tag with a Role
This step is also accomplished via the CLI.
| Code Block |
|---|
root@spflow:~# /usr/local/omk/bin/oprbac_admin.exe act=update-role name=CustomerA privileges=CustomerA_read
updated role. |
Syntax:
/usr/local/omk/bin/oprbac_admin.exe act=update-role name=<Role Name> privileges=<Privilege Tag>
- Role Name: The role that user is assigned to.
- Privilege Tag: The privilege tag that is associated with the previously defined interface object that the user is allowed to view.