Users Guide
Version Description
9.8(1.0) Introduced on the Z9100-ON.
9.8(0.0P5) Introduced on the S4048-ON.
9.8(0.0P2) Introduced on the S3048-ON.
9.7(0.0) Introduced on the S6000-ON.
9.5(0.1) Introduced on the Z9500.
9.5(0.0) Introduced on the Z9000, S6000, S4820T, S4810, MXL.
Usage Information
Instead of using the system dened user roles, you can create a new user role that best matches your organization.
When you create a new user role, you rst inherit permissions from one of the system dened roles. Otherwise you
would have to create a user role from scratch. You then restrict commands or add commands to that role. For
information about this topic, See Modifying Command Permissions for Roles.
NOTE: You can change user role permissions on system pre-dened user roles or user-dened user
roles.
Important Points to Remember
Consider the following when creating a user role:
• Only the system administrator and user-dened roles inherited from the system administrator can create roles
and usernames. Only the system administrator, security administrator, and roles inherited from these can use
the role command to modify command permissions. The security administrator and roles inherited by security
administrator can only modify permissions for commands they already have access to.
• Make sure you select the correct role you want to inherit.
NOTE: If you inherit a user role, you cannot modify or delete the inheritance. If you want to change or
remove the inheritance, delete the user role and create it again. If the user role is in use, you cannot
delete the user role.
role mode { { { addrole | deleterole } role-name } | reset } command – Modies (adds
or deletes) command permissions for newly created user roles and system dened roles.
Related Commands
• role mode { { { addrole | deleterole } role-name } | reset } command — modies (adds or deletes) command
permissions for newly created user roles and system dened roles.
Security 1427