Cisco Nexus 5000 Series Switch CLI Software Configuration Guide (OL-16597-01, July 2009)

ManualsBrandsHP ManualsStorageCisco Nexus 5010 with FCoE Storage Services License Converged Network Switch

361

362

363

364

365

366

367

368

369

370

The following example shows how to configure a user account:

switch# configure terminal

switch(config)# username NewUser password 4Ty18Rnt

switch(config)# exit

switch# show user-account

Configuring RBAC

Creating User Roles and Rules

Each user role can have up to 256 rules. You can assign a user role to more that one user account.

The rule number you specify determines the order in which the rules are applied. Rules are applied in descending

order. For example, if a role has three rules, rule 3 is applied before rule 2, which is applied before rule 1.

Procedure

PurposeCommand or Action

Enters configuration mode.switch# configure terminal

Step 1

Specifies a user role and enters role configuration mode.

Therole-name argument is a case-sensitive, alphanumeric

character string with a maximum length of 16 characters.

switch(config)# role name role-name

Step 2

Configures a command rule.

switch(config-role)# rule number

{deny | permit} command

command-string

Step 3

The command-string argument can contain spaces and

regular expressions. For example, "interface ethernet *"

includes all Ethernet interfaces.

Repeat this command for as many rules as needed.

Configures a read only or read and write rule for all

operations.

switch(config-role)# rule number

{deny | permit} {read | read-write}

Step 4

Configures a read-only or read-and-write rule for a

feature.

switch(config-role)# rule number

{deny | permit} {read | read-write}

feature feature-name

Step 5

Use the show role feature command to display a list of

features.

Repeat this command for as many rules as needed.

Configures a read-only or read-and-write rule for a

feature group.

switch(config-role)# rule number

{deny | permit} {read | read-write}

feature-group group-name

Step 6

Use the show role feature-group command to display

a list of feature groups.

Repeat this command for as many rules as needed.

(Optional)

Configures the role description. You can include spaces

in the description.

switch(config-role)# description text

Step 7

Cisco Nexus 5000 Series Switch CLI Software Configuration Guide

OL-16597-01 319

Configuring User Accounts and RBAC

Configuring RBAC