Reset Search
 

 

Article

Administrator Roles under Management Policy Defined

« Go Back

Information

 
TitleAdministrator Roles under Management Policy Defined
Question
What are the defined Administrator Roles for each user created under WiNG 5 via the Management policy using the FLEX UI?
Environment
  • RFS6010
  • RFS7010
  • RFS4010
  • NX9XXX
  • NX65XX
  • NX45XX
  • NX55XX
  • NX75XX
Answer
The following are the definitions for each Administrator Role, which can also be obtained from the WiNG 5 Controller UI under Configuration/Management/Policy/Administrators, using the Online Help (Blue circle/White question mark on top right-hand side under Commit/Save):

Add administrators as needed when specific roles and access types require creation for individuals responsible for network management.
  1. Select the Add button to create a new administrator configuration, Edit to modify an existing configuration or Delete to permanently remove an Administrator from the list of those available.
  2. If creating a new administrator, enter a user name in the User Name field. This is a mandatory field for new administrators and cannot exceed 32 characters. Optimally assign a name representative of the user and their intended role.
  3. Provide a strong password for the administrator within the Password field, once provided, Reconfirm the password to ensure its accurately entered. This is a mandatory field.
  4. Select Access options to define the permitted access for the user. Access modes can be assigned to management user accounts to restrict which management interfaces the user can access. A management user can be assigned one or more access roles allowing access to multiple management interfaces. If required, all four options can be selected and invoked simultaneously.
Web UI Select this option to enable access to the device's Web user interface. 
Telnet Select this option to enable access to the device using TELNET. 
SSH Select this option to enable access to the device using SSH. 
Console Select this option to enable access to the device's console. 
  1. Select the Administrator Role for the administrator using this profile. Only one role can be assigned.
Superuser Select this option to assign complete administrative rights to the user. This entails all the roles listed for all the other administrative roles. 
System The System role provides permissions to configure general settings like NTP, boot parameters, licenses, perform image upgrades, auto install, manager redundancy/clustering and control access. 
Network The Network role provides privileges to configure all wired and wireless parameters like IP configuration, VLANs, L2/L3 security, WLANs, radios, and captive portal. 
Security Select Security to set the administrative rights for a security administrator allowing configuration of all security parameters. 
Monitor Select Monitor to assign permissions without any administrative rights. The Monitor option provides read-only permissions. 
Help Desk Assign this role to someone who typically troubleshoots and debugs problems reported by the customer. The Help Desk manager typically runs troubleshooting utilities (like a sniffer), executes service commands, views/retrieves logs and reboots the controller, service platform or Access Point. However, Help Desk personnel are not allowed to conduct controller or service platform reloads. 
Web User Select Web User to assign the administrator privileges needed to add users prior to their validation and authentication into the wireless network. 
Device Provisioning Select Device Provisioning to assign an administrator privileges to update (provision) device configuration files or firmware. Such updates run the risk of overwriting and losing a devices existing configuration unless the configuration is properly archived. 
Vendor Admin Select this option to create a vendor-admin user role group so this particular user type can access offline device-registration portal data. Vendors are assigned username/password credentials for securely on-boarding devices. Devices are moved to a vendor allowed VLAN immediately after this on-boarding process, so vendors do not require unique registration roles. When the Vendor-Admin role is selected, provide the vendor's Group name for RADIUS authentication. The vendor's group takes precedence over the statically configured group for device registration. 
  1. Select the OK button to save an administrator's configuration, then commit and save. Select Reset to revert to the last saved configuration.


 
Additional notes

Feedback

 

Was this article helpful?


   

Feedback

Please tell us how we can make this article more useful.

Characters Remaining: 255