nexus 给角色赋权限 Creating User Roles and Rules

最新推荐文章于 2023-10-20 03:08:17 发布

cnxhsy

最新推荐文章于 2023-10-20 03:08:17 发布

阅读量679

点赞数

文章标签：运维

本文链接：https://blog.csdn.net/cnxhsy/article/details/127235053

版权

查看priv-0所具有的权限：

N-2# sh role name priv-0  

Role: priv-0  
  Description: This is a system defined privilege role.  
  vsan policy: permit(default)  
  Vlan policy: permit(default)  
  Interface policy: permit(default)  
  Vrf policy: permit(default)  
  -------------------------------------------------------------------  
  Rule    Perm    Type        Scope               Entity                    
  -------------------------------------------------------------------  
  10      permit  command                         traceroute6 *             
  9       permit  command                         traceroute *              
  8       permit  command                         telnet6 *                 
  7       permit  command                         telnet *                  
  6       permit  command                         ping6 *                   
  5       permit  command                         ping *                    
  4       permit  command                         ssh6 *                    
  3       permit  command                         ssh *                     
  2       permit  command                         enable *                  
  1       permit  read          
N-2#

查看用户的角色

N-2# sh run | sec usernam
username admin password 5 a2x0  role network-admin
username user password 5 asas4g51  role priv-0

给priv-0添加copy权限

N-2# conf t
Enter configuration commands, one per line.  End with CNTL/Z.
N-2(config)# role name priv-0
N-2(config-role)# rule 11 permit command copy startup-config tftp:
N-2(config-role)# rule 12 permit command copy running-config tftp:
N-2(config-role)#

检验是否添加成功

N-2# sh role name priv-0

Role: priv-0
  Description: This is a system defined privilege role.
  vsan policy: permit(default)
  Vlan policy: permit(default)
  Interface policy: permit(default)
  Vrf policy: permit(default)
  -------------------------------------------------------------------
  Rule    Perm    Type        Scope               Entity                  
  -------------------------------------------------------------------
  12      permit  command                         copy running-config tftp:
  11      permit  command                         copy startup-config tftp:
  10      permit  command                         traceroute6 *           
  9       permit  command                         traceroute *            
  8       permit  command                         telnet6 *               
  7       permit  command                         telnet *                
  6       permit  command                         ping6 *                 
  5       permit  command                         ping *                  
  4       permit  command                         ssh6 *                  
  3       permit  command                         ssh *                   
  2       permit  command                         enable *                
  1       permit  read        
N-2#

保存配置

N-2#  copy running-config startup-config 
[########################################] 100%
Copy complete, now saving to disk (please wait)...
N-2#

参考文件：
https://www.cisco.com/c/en/us/td/docs/switches/datacenter/nexus5000/sw/configuration/nxos/413/b_Cisco_Nexus_5000_Series_NX-OS_Software_Configuration_Guide_Rel_413_n1_1/b_Cisco_Nexus_5000_Series_NX-OS_Software_Configuration_Guide_Rel_413_n1_1_chapter_011000.html