Filter
Top Products
Administrative Profiles Commands 271
5
Administrative Profiles Commands
Overview
The administrative profiles capability provides the network administrator
control over which commands a user is allowed to execute. The administrator
is able to group commands into a “profile” and assign a profile to a user upon
authentication. This provides more granularity than simply allowing read-
only and read-write users. It may be, for example, that a particular user is only
allowed to manage the Captive Portal feature but not allowed to manage any
other of the switch features.
This capability is similar to the industry standard “User Roles” feature. The
main difference is that the Administrative Profile is obtained via
authentication rather than via authorization. This was necessary because Dell
PowerConnect does not support AAA authorization of users.
Functionally, the Administrative Profiles feature allows the network
administrator to define a list of rules which control the commands which may
be executed by a user. These rules are collected in a “profile.” A rule defines a
set of commands to which a user is permitted or denied access. Alternatively,
a rule may define a CLI command mode to which the user is permitted or
denied access. The rule numbers determine the order in which the rules are
applied: Rules are applied in descending numerical order until there is a
match. Rules may use regular expressions for command matching. All profiles
have an implicit “deny all” rule such that any command which does not
match any rules in the profile is considered to have been denied by that
profile.
It is possible to assign a user more than one profile. If there are conflicting
rules in profiles, the “permit” rule always takes precedence over the “deny”
rule, i.e., if any profile assigned to a user permits a command, then the user is
permitted access to that command. A user may be assigned up to 16 profiles.
A number of profiles are provided by default. These profiles may not be
altered by the switch administrator.
2CSPC4.X8100-SWUM102.book Page 271 Friday, March 15, 2013 8:56 AM