Manualshelf

User`s guide

ManualsBrandsAMD ManualsComputer equipmentLE-363 User's
281282283284285286287288289290
Chapter 15 User Authorization and Access Control 263
When you are configuring a role group mapping, you can do so either of the
following ways:
Add the role mapping (add ims role-group-mapping) as one step, then use the set
ims role-group-mapping command to set the group and role as a second step.
This method is used for the examples in the following sections.
Add the role mapping (add ims role-group-mapping) and group(s) as one step,
then use the set ims role-group-mapping command to set the role as a second
step.
Add the mapping, group, and role all at once with the add ims role-group-
mapping command.
Whichever way you choose to create the role group mapping, make sure that it has
a name, one or more AD groups (or regular expressions for AD groups), and at least
one XgOS role. The role group mapping must have all three of this parts to allow
user access with the correct level of privileges.
Configure a Role Group Mapping
To configure a role group mapping on the Oracle Fabric Interconnect, follow this
procedure:
1. Create the mapping for the group.
2. Assign the group mapping match expression and the role that is assigned when
a match occurs.
3. (Optional) Set a description for the role group mapping.
4. Verify that the mapping is created correctly.
add ims role-group-mapping publications
set ims role-group-mapping publications -group=pubs -role=storage
set ims role-group-mapping publications -descr="For AD Group Publications"
show ims role-group-mapping publications
name group role descr
--------------------------------------------------------------
publications pubs storage For AD Group Pubs
1 record displayed