Working in the CLI
Object List Commands
Object lists make it easier to manage user permissions by allowing an administrator to assign
user permissions via list of objects.
An entry in an object list is an “object type” and “object name” pair. Once an object list is created,
object list names are used as arguments to user context commands (see
216) to give a user permission to access objects in the list.
Using Object List Commands in the Global Context
eqcli >
objlist
olname
: Create an object list, or if it
exists
change context
eqcli >
objlist
olname
cmds
: Modify an object list (see below for
cmds)
eqcli >
no objlist
olname
[
force
]
: Delete an object list
eqcli >
show objlist [
olname
]
: Display all object lists, or the one
specified
Object List Context Commands
eqcli obj-olname>
type object
: Remove the specified object
eqcli obj-olname>
no type
object
: Add an object to the list
eqcli obj-olname>
show
: Display object list
Object List Notes
l
Only a user with the
admin
flag enabled can create, modify, or delete object lists.
l
The
type
argument must be one of the following object types:
cert
,
cluster
,
crl
,
geocluster
,
geo-
site
,
port
,
responder
,
server
,
srvpool
,
subnet
, or
vlan
.
l
The
object
argument must be the name of an existing object of the specified
type
. (Object
list names and the keyword
all
are not allowed.)
l
The
no
form of the
objlist
command is immediately executed; no
commit
is required.
Specifying an Object List When Creating or Modifying an Object
An
objlist
argument is optional when creating (or modifying) an Equalizer object, and adds an entry
for the object to the specified object list. To add an entry to an object list, the user must have
permission to create objects of the specified type in that object list.
Permission to create objects in an object list is given by the
permit_objlist
command, as
outlined in
read
and
write
permissions on both the object list and the object to be added to the list (or have the
admin
flag set on the user definition).
Note
- When a user creates an object, that user is given
read
,
write
, and
delete
permissions on that object.
194
Copyright © 2014 Coyote Point Systems, A Subsidiary of Fortinet, Inc.
Summary of Contents for Equalizer GX Series
Page 18: ......
Page 32: ...Overview 32 Copyright 2014 Coyote Point Systems A Subsidiary of Fortinet Inc ...
Page 42: ......
Page 52: ......
Page 64: ......
Page 72: ......
Page 76: ......
Page 228: ......
Page 238: ......
Page 476: ......
Page 492: ......
Page 530: ......
Page 614: ......
Page 626: ......
Page 638: ......
Page 678: ......
Page 732: ...Using SNMP Traps 732 Copyright 2014 Coyote Point Systems A Subsidiary of Fortinet Inc ...
Page 754: ......
Page 790: ......
Page 804: ......
Page 842: ......
Page 866: ......