Network Management

Reply
Highlighted
Contributor II

AoS 8.x MGMT role based access via TACACS

I have implemented role based access for management users via TACACS on our cluster but find that read only users cannot execute 'mdconnect' or 'logon' commands and therefore cannot look at configuration easily on MC's. Apart from giving all users the standard role, is there another way around this?

Highlighted
Guru Elite

Re: AoS 8.x MGMT role based access via TACACS

https://www.arubanetworks.com/techdocs/ArubaOS_86_Web_Help/Content/arubaos-solutions/behavior-defaults/defa-mana-user-role.htm

 

Try "standard" role.

EDIT:  It seems like no role is allowing you to do MDC, unfortunately.

 


*Answers and views expressed by me on this forum are my own and not necessarily the position of Aruba Networks or Hewlett Packard Enterprise.*
ArubaOS 8.5 User Guide
InstantOS 8.5 User Guide
Airheads Knowledgebase
Airheads Video Knowledge Base
Remote Access Point Solution Guide
ArubaOS Consolidated Release Notes
ArubaOS 8 ViA VPN Solution Guide
Highlighted
Contributor II

Re: AoS 8.x MGMT role based access via TACACS

Standard works fine but I don't want to give read only users write access. 

The read only users can log in directly to MC's and run show commands but it would be easier via the MM so there is a single login.

Highlighted
Guru Elite

Re: AoS 8.x MGMT role based access via TACACS

Yes, that would be convenient, but those roles do not allow MDC, unfortunately.


*Answers and views expressed by me on this forum are my own and not necessarily the position of Aruba Networks or Hewlett Packard Enterprise.*
ArubaOS 8.5 User Guide
InstantOS 8.5 User Guide
Airheads Knowledgebase
Airheads Video Knowledge Base
Remote Access Point Solution Guide
ArubaOS Consolidated Release Notes
ArubaOS 8 ViA VPN Solution Guide