Manualshelf

Administrator Guide

ManualsBrandsDell ManualsComputer equipmentForce10 Z9000
731732733734735736737738739740
Example: Allow Security Administrator to Access Only 10-Gigabit Ethernet Interfaces
The following example allows the security administrator (secadmin) to only access 10-Gigabit Ethernett
interfaces and then shows that the secadmin, highlighted in bold, can now access Interface mode.
However, the
secadmin can only access 10-Gigabit Ethernet interfaces.
Dell(conf)#role configure addrole secadmin ?
LINE Initial keywords of the command to modify
Dell(conf)#role configure addrole secadmin interface tengigabitethernet
Dell(conf)#show role mode configure interface
Role access: netadmin, secadmin, sysadmin
Example: Verify that the Security Administrator Can Access Interface Mode
The following example shows that the secadmin role can now access Interface mode (highlighted in
bold).
Role Inheritance Modes
netoperator
netadmin Exec Config Interface Router IP RouteMap Protocol MAC
secadmin Exec Config
Interface Line
sysadmin Exec Config Interface Line Router IP RouteMap Protocol
MAC
Example: Remove Security Administrator Access to Line Mode.
The following example removes the secadmin access to LINE mode and then verifies that the security
administrator can no longer access LINE mode, using the show role mode configure line
command in EXEC Privilege mode.
Dell(conf)#role configure deleterole secadmin ?
LINE Initial keywords of the command to modify
Dell(conf)#role configure deleterole secadmin line
Dell(conf)#do show role mode ?
configure Global configuration mode
exec Exec Mode
interface Interface configuration mode
line Line Configuration mode
route-map Route map configuration mode
router Router configuration mode
Dell(conf)#do show role mode configure line
Role access:sysadmin
Example: Grant and Remove Security Administrator Access to Configure Protocols
By default, the system defined role, secadmin, is not allowed to configure protocols. The following
example first grants the secadmin role to configure protocols and then removes access to configure
protocols.
Dell(conf)#role configure addrole secadmin protocol
Dell(conf)#role configure deleterole secadmin protocol
Example: Resets Only the Security Administrator role to its original setting.
732
Security