Contents x
      Example Configuration
      • 15 Oct 2024
      • 1 Minute to read
      • Print
      • Dark
        Light
      • PDF
      Contents

      Example Configuration

      • Updated on 15 Oct 2024
      • 1 Minute to read
      • Print
      • Dark
        Light
      • PDF
      Article summary

      Assigning User Group Permissions

      Nodegrid allows you to create users and groups and set the appropriate permissions for them. This section provides an example configuration depicting the following scenario:

      • username: test-user

      • group name: sys-test

      • assigned permissions: Configure System, Track System Information, and Terminate Sessions

      Configuration Using Web UI

      Follow these steps to configure the user test-user, assign it to a group name with required permissions using Web UI:

      1. Log in to the Nodegrid Web UI.

      2. Navigate to Security :: Local Accounts.

      3. Click Add.

      4. Enter the username as “test-user” and provide a password and confirm the password and click Save.

      5. Navigate to Authorization and click Add and enter the group name assys-test”.

      6. Click Save. The newly created group is shown in the list of groups.

      7. Click on the group name “sys-test”.

      8. Click Add in the Members page.  

      9. Select the username “test-user” from Local Users list and click Add > to move to the user to right-side.

      10. Click Save.

      11. Navigate to Profile, select the permissions from Permissions list Configure System, Track System Information, and Terminate Sessions and click Add > to the right-side.

      12. Click Save.

      13. Navigate to Devices, and then click Add. Move the devices from the left to the right-side.

      14. Click Save.

      15. Navigate to Services and select the option Device access enforced via user group authorization and click Save.

      Configuration using CLI

      Follow these steps to configure the user test-user, assign it to a group name with required permissions using CLI:

      1. Access Nodegrid using SSH, telnet, or console and log in as admin.

      2. Copy the following commands, and paste them at the CLI prompt:

        add /settings/local_accounts/
set username=test-user
set password=test-user
commit

add /settings/authorization/
set name=sys-test
commit

add /settings/authorization/sys-test/members
set local_users=test-user
commit

set /settings/authorization/sys-test/profile/ configure_system=yes
set /settings/authorization/sys-test/profile/ track_system_information=yes
set /settings/authorization/sys-test/profile/ terminate_sessions=yes
commit

set /settings/authorization/sys-test/profile/ devices=<device1>,<device2>,<device3>
commit

set /settings/services/ device_access_per_user_group_authorization=yes
commit

      Note

      You can also add remote users (for example, from Radius, Tacacs+, LDAP/AD user database) to the Nodegrid User Groups.

      • Web UI: Navigate to the path Security::Authorization::Sys-test::Profile and add the remote users in the Remote Users field, separated with comma.

      • CLI: To add remote users via CLI, then type the following:

        add /settings/authorization/sys-test/members
set remote_users=usera,userb,userc
commit

      Important

      This setting is case sensitive and must match the exact value as given by the remote authentication service.

      Was this article helpful?
      What's Next
      ESC

      Eddy AI, facilitating knowledge discovery through conversational intelligence