Installation guide
15-15
Device Manager Guide, Cisco ACE 4700 Series Application Control Engine Appliance
OL-26645-02
Chapter 15 Managing the ACE Appliance
Managing User Roles
Table 15-4 Predefined Role Rules for Admin and User Contexts
Predefined
Role/Context Description Operations Features
Admin Role
Admin Context If created in the Admin context, user
has complete access to and control over
all contexts, domains, roles, users,
resources, and objects in the entire
ACE.
• Debug
• Create
• Modify
• Monitor
• All (context service
configuration)
• User Access (roles,
domains, and users)
• System (context
administration)
• changeto command (access
to all contexts)
• exec command (enables all
default custom role
commands)
User Context If created in a user context, user has
complete access to and control over all
objects in that context.
Create
• All
• User Access
Network-Admin Role
Admin Context Admin for L3 (IP and Routes) and L4
VIPs
Create • Interfaces
• Routing
• Connection Parameters
• Network Address
Translation (NAT)
• VIPs
• Copy Configurations
1
• changeto command
• exec command
User Context Access to L3 (IP and Routes) and L4
VIPs
Create
• Interfaces
• Routing
• Connection Parameters
• Network Address
Translation (NAT)
• VIPs
• Copy Configurations
1
Network-Monitor Role
Admin Context Monitoring for all features Monitor • All show commands
• changeto command
• exec command
User Context Monitoring for all features Monitor
• All show commands