Contents x
    How to Assign User Group Permissions
    • 26 Nov 2024
    • 1 Minute to read
    • Print
    • Dark
      Light
    • PDF
    Contents

    How to Assign User Group Permissions

    • Updated on 26 Nov 2024
    • 1 Minute to read
    • Print
    • Dark
      Light
    • PDF
    Article summary

    Nodegrid allows you to create users and groups and set the appropriate permissions for them. This section provides an example configuration depicting the following scenario:

    • username: test-user

    • group name: sys-test

    • assigned permissions: Configure System, Track System Information, and Terminate Sessions

    Configuration Using Web UI

    Follow these steps to configure the user test-user, assign it to a group name with required permissions using Web UI:

    1. Log in to the Nodegrid Web UI.

    2. Navigate to Security :: Local Accounts.

    3. Click Add.

    4. Enter the username as “test-user” and provide a password and confirm the password and click Save.

    5. Navigate to Authorization and click Add and enter the group name assys-test”.

    6. Click Save. The newly created group is shown in the list of groups.

    7. Click on the group name “sys-test”.

    8. Click Add in the Members page.  

    9. Select the username “test-user” from Local Users list and click Add > to move to the user to right-side.

    10. Click Save.

    11. Navigate to Profile, select the permissions from Permissions list Configure System, Track System Information, and Terminate Sessions and click Add > to the right-side.

    12. Click Save.

    13. Navigate to Devices, and then click Add. Move the devices from the left to the right-side.

    14. Click Save.

    15. Navigate to Services and select the option Device access enforced via user group authorization and click Save.

    Configuration using CLI

    Follow these steps to configure the user test-user, assign it to a group name with required permissions using CLI:

    1. Access Nodegrid using SSH, telnet, or console and log in as admin.

    2. Copy the following commands, and paste them at the CLI prompt:

      add /settings/local_accounts/
set username=test-user
set password=test-user
commit

add /settings/authorization/
set name=sys-test
commit

add /settings/authorization/sys-test/members
set local_users=test-user
commit

set /settings/authorization/sys-test/profile/ configure_system=yes
set /settings/authorization/sys-test/profile/ track_system_information=yes
set /settings/authorization/sys-test/profile/ terminate_sessions=yes
commit

set /settings/authorization/sys-test/profile/ devices=<device1>,<device2>,<device3>
commit

set /settings/services/ device_access_per_user_group_authorization=yes
commit

    Note

    You can also add remote users (for example, from Radius, Tacacs+, LDAP/AD user database) to the Nodegrid User Groups.

    • Web UI: Navigate to the path Security::Authorization::Sys-test::Profile and add the remote users in the Remote Users field, separated with comma.

    • CLI: To add remote users via CLI, then type the following:

      add /settings/authorization/sys-test/members
set remote_users=usera,userb,userc
commit

    Important

    This setting is case sensitive and must match the exact value as given by the remote authentication service.

    Was this article helpful?
    What's Next
    ESC

    Eddy AI, facilitating knowledge discovery through conversational intelligence