After you deploy AmpCon-DC, you can manage user access to prevent illegal users from logging in to the AmpCon-DC UI and thus enhance the security of devices.
...
...
Adding a Global User or a Group User
...
...
...
...
User Permissions on Functions or Menu Pages
...
so that users are assigned with appropriate permissions.
Note: Only users with SuperAdmin permissions have access to the “User Management” page. Adding, editing, or deleting users, login restrictions, and TACACS+ configuration are only available to SuperAdmin users.
| Table of Contents | ||
|---|---|---|
|
Role-Based Access Control
Role-Based Access Control (RBAC) is used to permit individual users to perform specific actions and get visibility to an access scope. Each user can be assigned to a specific role with associated permissions.
In AmpCon-DC , supports the following four types of user roles are supported. The permission levels are as follows: SuperAdmin > Admin > Operator > Readonly.
SuperAdmin
Provides access to all AmpCon-DC functions
The only role that can manage users and groups
Admin
Provides access to almost all AmpCon-DC functions
Can’t manage users and groups and users
Can’t access Switch model and System Config
Operator
Provides access to most of AmpCon-DC functions
Can’t manage users and groups and users
Can’t access Switch model and System Config
Can’t view and manage licenses and can’t view license logs
Readonly
Views limited pages such as switchesDashboard, Switch, Topology, Config Files View, and alarmsAccesses Alarms
Provides access to CLI Configuration, Template Verify, and Config Snapshot Diff
Adding a Global User or a Group User
When you add a user, you need to select a user role for the user and specify the user type (a group user or a global user). A group user means that the user is a member of a specific group. A global user means that the user is not limited to a group. Note: Only users with SuperAdmin permissions have access to the User Management section. Adding, editing, or deleting users, login restrictions, and TACACS+ configuration are only available to SuperAdmin users.
To add a user, follow these steps:
In the AmpCon-DC UI, click System > User management.
Click Add User, and enter input the following information:
User Name: The user nameusername.
User Password: The password of the user. The password needs to be a combination of uppercase letters, lowercase letters, numbers, and special symbols. The character count needs to be greater than 10.
Confirm Password: The password of the user.
User Role: Select SuperAdmin“SuperAdmin“, Admin“Admin“, Operator“Operator“, or Readonly. The permissions of the role is granted to the user“Readonly“.
User Type: Select Global “Global“ or Group“Group“.
Email: The email of the user.
If you select Group as the user type, select a group name from the Group Name drop-down list.
To assign the user to a new group that hasn’t been created, create a group as described in Adding or Deleting a Group.
...
Click OK.
Deleting a User
To delete a user, follow these steps:
In the AmpCon-DC UI, click System > User management.
On the ”User Management” page, locate a user on the “User management” page, and then click Delete.
...
Editing a User
...
In the AmpCon-DC UI, click System > User management.
On the “User Management” page, locate a user, and then click Edit.
Modify user configurations information as you need.
...
Click OK.
...
Setting Login Restrictions
...
In the AmpCon-DC UI, click System > User management.
On the ”User Management” page, locate a user, and then click Lock.
In the pop-up window, click Yes to confirm the lock operation.
...
For functions or memu pages in the AmpCon™AmpCon-DC UI, different user roles have different permissions. For more information, see the User Permission Tables topic.
...