Wired Intelligent Edge

Hi,
I am able to access Web GUI using manager and operator users but I am not able to do that using other local users on priviledge Level-15. SSH is accessible. 
aaa authentication local-user "webwebweb" group "Level-15"
Is it possible to create a group which has https access? Is https access for local users supported? 

Are you using full-on RBAC? 

 

If I assume not you actually need something like...

 

password manager user-name <username> plaintext <password>

 

to add a user capable of logging into the CLI or WebUI

As I have mentioned before, manager and operator users are able to use Web GUI. Local users created this way (see below) - are not.

aaa authentication local-user "webwebweb" group "Level-15"

 

Radius authenticated users can access Web GUI also, but failback to local user authentication is not working (except for manager and operator users).

 

aaa authentication web login radius server-group "RADIUS"  local

aaa authentication web enable radius server-group "RADIUS" local 

 

or 

 

aaa authentication web login local

aaa authentication web enable local 

 

What's the configuration for the group "Level-15"?

 

This is an example of a user created with full permissions? 

 

#aaa authorization group "test-group" 10 match-command "*" permit

#aaa authentication local-user test-user group test-group password plaintext

 

On 2930F platform "Level-15" is predefined group will full permitions - you do not have to create one.

 

Minondas, are you able to connect via https using local user from created group? "test-group" in your case.

 

Thank you

Hi Paulius.

 

I've tested with http web-management and it worked just fine.

 

Hi Paulinius.

Just adding that besides that I am able to login using http/https when I go to users details my user is marked as “operator”.
Trying to find the option that would allow the login as manager.

Obter o Outlook para iOS

PROBLEMS:

1. the problem with those commands is the password in sha1 which can easily decrypted although encrypt-credentials=enable

Hi Paulius,

 

It is stated in the 'Aruba 2930F / 2930M Access Security Guide for ArubaOS-Switch 16.10' that RBAC is not supported for WebUI access. 

 

Limitations section under Chapter 19

 

 

The information on the manual pointed by saishyam explains this behaviour. 

Even given full access to the user it is still being allowed just operator access through WebUI.

Older versions of the same document (16.02 for example) does not have that information.

 

I wonder how you are getting that operator access because I am not getting any  

Ok, let's give sayshyam Kudos, hope that Aruba is going to fix this some day and I am now switching my customer's local-user account to device manager

 

Thanks for help!