Manualshelf

Instruction manual

ManualsBrandsCitrix Systems ManualsSwitch9000 Series
81828384858687888990
Chapter 2 Installation, Configuration and Management
2-66 NetScaler 9000 Series Installation and Configuration Guide - Volume 1
NSICG60_DEC04
Booting [kernel] in 9 seconds...
2. Press the space bar immediately and the following message is displayed:
Type ‘?’ for a list of commands, ‘help’ for more detailed help.
ok
3. Enter the command ‘boot -s’ and then press the <Enter> key to
start the NetScaler system in single user mode.
After the system boots, the following message is displayed:
Enter full pathname of shell or RETURN for /bin/sh:
4. Press the <Enter> key to display the # prompt.
5. Enter the following command at the shell prompt to mount the file
systems:
mount /dev/dev/ad0s1a /flash
6. Edit the /flash/nsconfig/ns.conf file, removing the ‘set system user
nsroot” entry. Save the file and exit.
7. Reboot the system with the ‘
reboot’ command.
8. When the system completes rebooting login as ‘nsroot’ with the password
‘nsroot’.
9. Once logged in to the system you will be forced to enter a new ‘nsroot’
user password. Once you finish, exit the config ns menu with option
2.6.4.5 Using Roles Based Authorization Command Policies
Where the system users and groups functions allows administrators to define
who has access to the NetScaler system, Roles Based Authorization (RBA)
allows definition as to what systems users and groups are permitted to access
on the NetScaler system. To create these definitions, administrators use
command policies to regulate what commands, command groups, vservers, or
any other NetScaler element system users and groups are permitted to use.
Here are the key points to keep in mind when using command policies.
z The NetScaler 9000 system has a fixed default DENY system command
policy. In practice, this has several effects.
z There can be no globally bound system command authorization policy.
Command policies can be bound directly to system users and groups only.
z Users or groups with no associated command policies are subject to the
default DENY command policy and will therefore not be able to execute
any commands until policies are expressly bound to them.