Manualshelf

System information

ManualsBrandsCrestron ManualsComputer equipmentCP3N
51525354555657585960
Crestron 3-Series Control Systems Reference Guide
Reference Guide DOC. 7150A 3-Series Control Systems 51
CLEARAUDITLOG
Command to clear the audit log of all entries.
CLEARAUDITLOG
No parameter - Clears the audit log
User Access Level
If a user belongs to multiple groups, the access level is the combined access level of
all the groups the user belongs to.
Local User Logon
Local users are created with no access rights. If a local user was never added to any
local group, even though the account is in the control system, they are unable to
connect to control system’s console if authentication is on. To grant access to a local
user, administrators must make sure the user is added to at least one local group.
If authentication is on and a user opens a connection to console, console prompts the
user for a user name (login) and password.
Following shows an example of a successful local user logon:
MC3 Console
Login: john
Password: ******
MC3>
Active Directory User Logon
After an administrator added an Active Directory user or group to control system, the
user or group’s name and SID is stored in the control system. When an Active
Directory user tries to authenticate against console, console uses the credentials
provided by user to authenticate against Active Directory. If Active Directory
authentication is successful, console queries Active Directory for this user’s SID. If
the user was added to the control system, console compares the SID from Active
Directory with the stored SID. Access is granted to the user only if SID comparison
is ok. If the user was never added to the control system, console queries Active
Directory for all the groups that this user belongs to and retrieves the group SIDs.
Console iterates these SIDs and see if any of them matches the stored group SIDs.
Access is granted to user only if at least one match is found.
To log onto console as an active directory user, both domain name and user name
must be provided and separated by a\” or “/” when prompted for login information.
Following shows an example of a successful domain user logon:
MC3 Console
Login: firmwaredev\jsmith
Password: ***************
MC3>