Reference Guide
– secadmin — Full access to conguration commands that set security policy and system access, such as
password strength, AAA authorization, and cryptographic keys. A security administrator can display security
information, such as cryptographic keys, login statistics, and log information.
– netadmin — Full access to conguration commands that manage trac owing through the switch,
such as routes, interfaces, and ACLs. A network administrator cannot access conguration commands for
security features or view security information.
–
netoperator — Access to EXEC mode to view the current conguration. A network operator cannot
modify any conguration setting on a switch.
Default OS10 assigns the netoperator role to a user authenticated by a TACACS+ server with a missing or unknown
role.
Command Mode CONFIGURATION
Usage Information
• When a TACACS+ server authenticates a user and does not return a role or returns an unknown role, OS10
assigns the netoperator role to the authenticated user by default. Use this command to recongure the
default netoperator role.
• The no userrole default version of the command resets the role to netoperator.
Example
OS10(config)# userrole default inherit sysadmin
Supported Releases 10.4.0E(R3P3) or later
Simple Network Management Protocol
Network management stations use Simple Network Management Protocol (SNMP) to retrieve or alter management data from network
elements. Standard and private SNMP management information bases (MIBs) are supported, including all get requests. A managed object
is a datum of management information. A MIB is a database that stores managed objects found in network elements. MIBs are
hierarchically structured and use object identiers to address managed objects. Managed objects are also known as object descriptors. For
the list supported MIBs refer to the Release Notes of the relevant version of OS10.
OS10 supports SNMP set for SysName on System MIBs.
NOTE
: OS10 SNMP supports only IPv4 transport.
SNMP commands
SNMP traps: Enable SNMP notications to be sent to network management host devices.
snmp-server community
Congures a new community string access. The management station is a member of the same community as the SNMP agent.
Syntax
snmp-server community community-name {ro | rw} acl aclname
Parameters
• community-name — Enter a text string to act as an SNMP password (up to 20 characters).
• ro — Enter to set read-only permission.
• rw — Enter to set read and write permission.
• aclname — Enter an existing ACL rule name. This option associates an IPv4 ACL to SNMP server
community.
System management 543