Step 5
ops {r
|
x | rx}
Example:
sysadmin-vm:0_RP0#(config-cmdrule-1100)#ops rx
Specify the operation for which permission has to be specified:
•
r
— Read
•
x
— Execute
•
rx
— Read and execute
Step 6
action
{
accept
|
accept_log
|
reject
}
Example:
sysadmin-vm:0_RP0#(config-cmdrule-1100)#action reject
Specify whether users are permitted or denied the use of the operation.
•
accept
— users are permitted to perform the operation
•
accept_log
— users are permitted to perform the operation and every access attempt is logged.
•
reject
— users are restricted from performing the operation.
Step 7
group user_group_name
Example:
sysadmin-vm:0_RP0#(config-cmdrule-1100)#group gr1
Specify the user group on which the command rule is applied.
Step 8
context connection_type
Example:
sysadmin-vm:0_RP0#(config-cmdrule-1100)#context *
Specify the type of connection to which this rule applies. The connection type can be
netconf
(Network
Configuration Protocol),
cli
(Command Line Interface), or
xml
(Extensible Markup Language ). It is
recommended that you enter an asterisk '*'; this indicates that the command rule applies to all connection
types.
Step 9
Use the
commit
or
end
command.
commit
-Saves the configuration changes and remains within the configuration session.
end
-Prompts user to take one of these actions:
•
Yes
-Saves configuration changes and exits the configuration session.
•
No
-Exits the configuration session without committing the configuration changes.
•
Cancel
-Remains in the configuration session, without committing the configuration changes.
System Setup and Software Installation Guide for Cisco NCS 1002
42
Create User Profiles and Assign Privileges
Create Command Rules