01-17-2014 02:06 AM
In previous versions, if the network administrator wanted to allow someone else to create/delete internal guest accounts, or to check the network status in the UI, he/she had to give the admin username and password, which also allowed full access to all settings and operations.
Solution: Starting 4.0 in IAP we provide additional user accounts with different UI access privileges
Guest-management user: can view, modify, and delete internal guest user accounts
Read-only user: can view all network settings but not modify any of them or perform any maintenance operation such as upgrade or reboot
These additional user accounts:-
Are stored in IAP’s flash and can include at most one Read-only user and one Guest-management user
Are not affected by whether IAP is managed by Aruba Central or an AMP in “manage mode”
Do not support authentication through external radius servers
Do not have access to the CLI
mgmt-user admin admin
mgmt-user readonly 123123 read-only
mgmt-user guestmgmt 321321 guest-mgmt
Sr. Network Engineer
Customer Advocacy | Aruba Networks Inc.
Did something you read in the Community solve a problem for you? If so, click "Accept as Solution" in the bottom right hand corner of the post.