User and Group Management
Single and Multiple User Scenarios
The following scenarios describe access permissions to Equalizer and Equalizer objects by a single
user and with multiple users.
Single User Scenario
In this, the simplest of scenarios:
l
There is one user with the "admin" flag set.
l
The "admin" user creates all objects.
l
The "admin" user assigns users "read", "write", and "delete" permissions on objects in the
configuration (as necessary) so that those users can perform required tasks on those
objects (see Table).
l
A user can be given permission to perform certain administrative tasks by enabling the
"read_global" and "write_global" flags for that user (See
"Required Task Permissions and Flags"
l
No groups other than "Default" are used.
Multiple-User Scenario
A multiple-user load balancing scenario is a “multi-tenant” setup where multiple users can access
individual clusters on the same Equalizer. In this scenario the users are granted access privileges
on their own Equalizer clusters, with it’s VLANs, Servers, Server Pools, etc.).
The permissions must be set up by a user with administrative privileges and they must be set up
on the eqcli command line interface.
In the scenario described below, two users will be assigned permissions using the Operations and
Permissions shown in
l
User “Touch_1” will be able to read, write, create and delete all of the servers, server pools
and associated VLAN and subnets used on an Equalizer.
l
User “Touch_2” will be able to read, write, create and delete all of the servers, server pools
and associated VLAN and subnets used on the same Equalizer.
l
Neither of the users will have any access
at all
to the other user’s servers, server pools and
associated VLAN and subnets.
Administrative Setup
The following needs to be configured by a user with administrative privileges on Equalizer.
Note
- If you require multiple non-admin users in your configuration, it is preferable to first create all required objects
(servers, server pools, clusters, etc.), and then create users with appropriate permissions to manage them
1. From the
eqlci
command line enter:
eqcli >
user Touch_1
742
Copyright © 2014 Coyote Point Systems, A Subsidiary of Fortinet, Inc.
Содержание Equalizer GX Series
Страница 18: ......
Страница 32: ...Overview 32 Copyright 2014 Coyote Point Systems A Subsidiary of Fortinet Inc ...
Страница 42: ......
Страница 52: ......
Страница 64: ......
Страница 72: ......
Страница 76: ......
Страница 123: ...Copyright 2014 Coyote Point Systems A Subsidiary of Fortinet Inc All Rights Reserved 123 Equalizer Administration Guide ...
Страница 228: ......
Страница 238: ......
Страница 411: ...Copyright 2014 Coyote Point Systems A Subsidiary of Fortinet Inc All Rights Reserved 411 Equalizer Administration Guide ...
Страница 459: ...Copyright 2014 Coyote Point Systems A Subsidiary of Fortinet Inc All Rights Reserved 459 Equalizer Administration Guide ...
Страница 476: ......
Страница 492: ......
Страница 530: ......
Страница 614: ......
Страница 626: ......
Страница 638: ......
Страница 678: ......
Страница 732: ...Using SNMP Traps 732 Copyright 2014 Coyote Point Systems A Subsidiary of Fortinet Inc ...
Страница 754: ......
Страница 790: ......
Страница 804: ......
Страница 842: ......
Страница 847: ...Copyright 2014 Coyote Point Systems A Subsidiary of Fortinet Inc All Rights Reserved 847 Equalizer Administration Guide ...
Страница 866: ......