Application Guide

[34]

Software User's

Manual

–

Version 3.0

Group Name

The name identifying the privilege group. In most cases, a privilege level group consists of a single

module (e.g. LACP, RSTP or QoS), but a few of them contain more than one. The following

description defines these privilege level groups in detail:

 System: Contact, Name, Location, Time Zone, Daylight Saving Time, Log.

 Security: Authentication, System Access Management, Port (contains Dot1x port, MAC based

and the MAC Address Limit), ACL, HTTPS, SSH, ARP Inspection, IP source guard.

 IP: Everything except ping.

 Port: Everything except VeriPHY.

 Diagnostics: ping and VeriPHY.

 Maintenance: CLI - System Reboot, System Restore Default, System Password, Configuration

Save, Configuration Load, and Firmware Load. Web - Users, Privilege Levels, and everything in

Maintenance.

 Debug: Only present in CLI.

Privilege Levels

Every group has an authorization Privilege level for the following sub groups: configuration read-only,

configuration/execute read-write, status/statistics read-only, status/statistics read-write (e.g. for

clearing of statistics). User Privilege should be the same or greater than the authorization Privilege

level to have access to that group.

Note that some web pages (for example, MPLS-TP and MEP BFD pages) are based on JSON to

transmit dynamic data between the web server and application. These pages require the configuration

Read/Write privilege of JSON_RPC group before any operations. This requirement must be met first,

then it will evaluate the current privilege level against the required privilege level for the given method.

For example, assume the MPLS-TP page only allows Read-Only attribute under privilege level 5, the

privilege configuration should be set as JSON_RPC: [5,5,5,5] and MPLS_TP: [5,10,5,10].