Administrator Guide

ManualsBrandsDell ManualsAccess PlatformsPowerSwitch S3048-ON

721

722

723

724

725

726

727

728

729

730

The following example allows the security administrator (secadmin) to access Interface mode.

Dell(conf)#role configure addrole secadmin ?

LINE Initial keywords of the command to modify

Dell(conf)#role configure addrole secadmin interface

Example: Allow Security Administrator to Access Only 10-Gigabit Ethernet Interfaces

The following example allows the security administrator (secadmin) to only access 10-Gigabit Ethernett interfaces and then shows that

the secadmin, highlighted in bold, can now access Interface mode. However, the secadmin can only access 10-Gigabit Ethernet

interfaces.

Dell(conf)#role configure addrole secadmin ?

LINE Initial keywords of the command to modify

Dell(conf)#role configure addrole secadmin interface tengigabitethernet

Dell(conf)#show role mode configure interface

Role access: netadmin, secadmin, sysadmin

Example: Verify that the Security Administrator Can Access Interface Mode

The following example shows that the secadmin role can now access Interface mode (highlighted in bold).

Role Inheritance Modes

netoperator

netadmin Exec Config Interface Router IP RouteMap Protocol MAC

secadmin Exec Config Interface Line

sysadmin Exec Config Interface Line Router IP RouteMap Protocol MAC

Example: Remove Security Administrator Access to Line Mode.

The following example removes the secadmin access to LINE mode and then veries that the security administrator can no longer

access LINE mode, using the show role mode configure line command in EXEC Privilege mode.

Dell(conf)#role configure deleterole secadmin ?

LINE Initial keywords of the command to modify

Dell(conf)#role configure deleterole secadmin line

Dell(conf)#do show role mode ?

configure Global configuration mode

exec Exec Mode

interface Interface configuration mode

line Line Configuration mode

route-map Route map configuration mode

router Router configuration mode

Dell(conf)#do show role mode configure line

Role access:sysadmin

Example: Grant and Remove Security Administrator Access to Congure Protocols

By default, the system dened role, secadmin, is not allowed to congure protocols. The following example rst grants the secadmin

role to congure protocols and then removes access to congure protocols.

Dell(conf)#role configure addrole secadmin protocol

Dell(conf)#role configure deleterole secadmin protocol

Example: Resets Only the Security Administrator role to its original setting.

The following example resets only the secadmin role to its original setting.

Dell(conf)#no role configure addrole secadmin protocol

Example: Reset System-Dened Roles and Roles that Inherit Permissions

730

Security