1101 and 1102 Secure Device Servers
724-746-5500 | blackbox.com
124
14.4 Adding and Removing User Groups
The
console server
is configured with a few default user groups (even though only two of these groups are visible in the Management Console
GUI). To find out how many groups are already present:
# config -g config.groups.total
Assume this value is six. Make sure you number any new groups you create from seven and up.
To add a custom group to the configuration with Group name=Group7, Group description=MyGroup and Port access= 1,5 you’d issue the
commands:
# config -s config.groups.group7.name=Group7
# config -s config.groups.group7.description=MyGroup
# config -s config.groups.total=7
# config -s config.groups.group7.port1=on
# config -s config.groups.group7.port5=on
Assume we have an RPC device connected to port 1 on the console manager, and the RPC is configured. To give this group access to RPC outlet
number 3 on the RPC device, run the two commands below:
# config -s config.ports.port1.power.outlet3.groups.group1=Group7
# config -s config.ports.port1.power.outlet3.groups.total=1 (total number of groups that have access to this outlet)
If more groups are given access to this power outlet, then increment the
'config.ports.port1.power.outlet3.groups.total
' element accordingly.
To give this group access to network host 5:
# config -s config.sdt.hosts.host5.groups.group1=Group7
# config -s config.sdt.hosts.host5.groups.total=1 (total number of groups having access to host)
To give another group called 'Group8' access to the same host:
# config -s config.sdt.hosts.host5.groups.group2=Group8
# config -s config.sdt.hosts.host5.groups.total=2 (total number of users having access to host)
To delete the group called Group7, use the following command:
# rmuser Group7
Attention: The
rmuser
script is a generic script to remove any config element from config.xml correctly. However, any dependencies or references to
this group will not be affected. Only the group details are deleted. The
Administrator
is responsible for going through
config.xml
and removing
group dependencies and references manually, specifically if the group had access to a host or RPC device.
The following command will synchronize the live system with the new configuration:
# config –a
14.5 Authentication
To change the type of authentication for the
console server
:
# config -s config.auth.type='authtype'
'authtype'
can be:
Local
LocalTACACS
TACACS
TACACSLocal
TACACSDownLocal
LocalRADIUS
RADIUS
RADIUSLocal
RADIUSDownLocal
LocalLDAP
LDAP
LDAPLocal
LDAPDownLocal