Versions Compared

Old Version 8

changes.mady.by.user Christopher Gatlin

Saved on

compared with

New Version 9

changes.mady.by.user Christopher Gatlin

Saved on

Key

  • This line was added.
  • This line was removed.
  • Formatting was changed.

...

Code Block
root@spflow:~# /usr/local/omk/bin/oprbac_admin.exe act=create-object path=root,opflowsp,agent,10.10.1.1,interface,3 read_privileges=CustomerA_read
created new object

Syntax

...

/usr/local/omk/bin/oprbac_admin.exe act=create-object path=root,opflowsp,agent,<IP Address>,interface,<SNMP IF Number> read_privileges=<Privilege Tag>

...

Code Block
root@spflow:~# /usr/local/omk/bin/oprbac_admin.exe act=update-role name=CustomerA privileges=CustomerA_read
updated role.

Syntax

...

/usr/local/omk/bin/oprbac_admin.exe act=update-role name=<Role Name> privileges=<Privilege Tag>

  • Role Name:  The role that user is assigned to.
  • Privilege Tag: The privilege tag that is associated with the previously defined interface object that the user is allowed to view.

Verification

Log in as the newly configured user and verify only the allowed interfaces are available.

The CLI can also be used to verify access as seen below. 

Code Block
root@spflow:~# /usr/local/omk/bin/oprbac_admin.exe act=list-users  verbose=1
Name            Description             Roles           Properties              Privileges
CustomerA_NOC                           CustomerA
root@spflow:~# /usr/local/omk/bin/oprbac_admin.exe act=list-roles  verbose=1
Name            Description             Properties              Privileges
CustomerA                                               CustomerA_read
root@spflow:~# /usr/local/omk/bin/oprbac_admin.exe act=list-objects  verbose=1
Path            Description             Create          Read            Update          Delete
root,opflowsp,agent,10.10.1.1,interface,3                               N/A             CustomerA_read          N/A         N/A