OAN000205 User Right Management ISSUE1.0

OAN000205 User Right Management
ISSUE 1.0
Fixed Network Curriculum Development Section
References
N2000 User Manual (V2.10)
2
Confidential Information of Huawei. No Spreading without Permission. Security Level: Internal
Objectives
Upon completion of this course, you will be able to:
Master how to create a user and set authority for the user
3
Course Contents
Chapter 1 Basic Concepts
Chapter 2 User Management
Chapter 3 User Group management

Chapter 4 Operation Set Management Chapter 5 Other Functions
4
Main Window for User Right Management
5
Functions of User Right Management
User Right Management is to manage the security of the system.

It decides who can log in to the system, what operations the login users can perform, and which devices and boards the login users can manage.
User right consists of:
ACL (Access Control List) right: It decides the client from which a user can log in to the system.
Operation right: It decides the operations that can be performed by the login user.
Management right: It decides the devices and boards that can be
managed by the login user.
6
User admin
After the system is initially installed, there is only one user

"admin" by default. And the initial system ACL is empty. The user can only log in as "admin" from the server.
"admin" is a super user who has all operation and management rights. Like other users, "admin" can be configured to log in from a specified client. The difference is that admin has all the rights. Other user accounts are directly or indirectly created by "admin".
In the NMS, only one user can log in as "admin" at the same time. For other user accounts, multiple users can log in as the same account at the same time. "admin" can force any other users to exit.
7
Confidential Information of Huawei. No Spreading without Permission.
Security Level: Internal
User Group
User group is a group of NMS users that have the same

management and operation rights. User group management can simplify right assignment. When the system is installed, three default user groups are already assigned with the corresponding rights. The default user groups cannot be deleted.

Maintainer Group: Perform daily maintenance operations. Operator Group: Perform ordinary query and setting operations. Watcher Group: Perform query operations only.
A user can be added to many user groups and has a collection of rights of all these user groups.
8
ACL Management
ACL management are conducted at two layers.

At the first layer, the system ACL specifies the range of IP addresses of the system clients. The users can log into the
system from the clients within this range only.
At the second layer, the user ACL specifies the users that can log into the system from the clients specified in the system ACL.
9
Operation Set
Operation set is a group of operations. Operation set

management makes right assignment an easier task.
Default operation sets are already assigned to those default user
groups. Default operation sets can be used in right assignment

and assigned to newly created user groups or users.
10
Management Right
Management Right: Whether or not the user has the right to

manage the specified device and board.
In the topological view, the devices which the user has no right to
manage will not be shown to the user, and on the device panel,
the boards which the user has no right to manage will not be shown to the user either.
When a user is created, he is not authorized to manage any resource by default. The user can't assign management right to the super user or himself. If a user is not authorized a device, it is impossible to assign the operation right of the device to him.
11
Confidential Information of Huawei. No Spreading without Permission.
Security Level: Internal
Course Contents

12
User Management
The functions of user management are as follows:

Create User Set User ACL Right
Assign User Operation Right

Assign User Management Right
13
Create User
Create new user of the NMS.
14
Set System ACL
Set system ACL data, including adding/modifying/deleting ACL.
15
Set User ACL Right
Specify clients from which the users are authorized to log in.
"Constrained by ACL" is to set whether or not the user is constrained by ACL. If the check box is cleared, it means that the
user is allowed to log in to the system from any client in the ACL,
otherwise, the user can only log in to the system from the selected clients in the ACL.
16
Authorize or prohibit the user to conduct or from conducting the

specified operations.
17
Add Operation Right
New Device" right: The user has the same operation right for the
new created device.
18
Assign User Management Right
Authorize or prohibit the users to manage or from managing the

specified device and board.
19
Set Management Scope
Search the matching devices and set management status of the

device.
20
Course Contents

21
User Group Management
The functions of user group management are as follows:

Create User Group Assign User Group Operation Right
Assign User Group Management Right

Add User Group Member
22
Create User Group
Create new user group of the NMS.
23
Assign User Group Operation Right
Authorize or prohibit the user groups to conduct or from

conducting the specified operations.
24
Assign User Group Management Right
Authorize or prohibit the user groups to manage or from

managing the specified device and board.
25
Add User Group Member
Add the specified user to the user group, which makes the user
has the same management and operation right as the user group.
26
Add User to User Group

2
3 27
Course Contents

28
Operation Set Management
The functions of operation set management are as follows:

Create Operation Set Configure Operation Set Member
29
Create Operation Set
Create operation set according to the object type.
30
Configure Operation Set Member
Add or delete operation members in the operation set.
31
Authorize or prohibit the user to conduct or from conducting the

specified operations.
2
4 5
1
6
7 3 32
Check Operation Set Assignment
33
Course Contents

34
Browse User Operation Log
35
Realtime Monitoring User Operation Log
View operations conducted by the login users.
36
Dump User Operation Log
37
Modify User Attributes
38
39

OAN000205 User Right Management ISSUE1.0

Transféré par

Informations du document

Description originale:

Copyright

Formats disponibles

Partager ce document

Partager ou intégrer le document

Options de partage

Avez-vous trouvé ce document utile ?

Ce contenu est-il inapproprié ?

Droits d'auteur :

Formats disponibles

OAN000205 User Right Management ISSUE1.0

Transféré par

Droits d'auteur :

Formats disponibles

OAN000205 User Right Management

Fixed Network Curriculum Development Section

N2000 User Manual (V2.10)

Upon completion of this course, you will be able to:

Chapter 3 User Group management

Main Window for User Right Management

Functions of User Right Management

User Right Management is to manage the security of the system.

User right consists of:

Management right: It decides the devices and boards that can be

managed by the login user.

After the system is initially installed, there is only one user

Confidential Information of Huawei. No Spreading without Permission.

Security Level: Internal

User group is a group of NMS users that have the same

ACL management are conducted at two layers.

system from the clients within this range only.

Operation set is a group of operations. Operation set

Default operation sets are already assigned to those default user

groups. Default operation sets can be used in right assignment

Management Right: Whether or not the user has the right to

Confidential Information of Huawei. No Spreading without Permission.

Security Level: Internal

Chapter 3 User Group management

The functions of user management are as follows:

Create User Set User ACL Right

Assign User Operation Right

Create new user of the NMS.

Set System ACL

Set system ACL data, including adding/modifying/deleting ACL.

Set User ACL Right

Assign User Operation Right

Authorize or prohibit the user to conduct or from conducting the

Add Operation Right

Assign User Management Right

Authorize or prohibit the users to manage or from managing the

Set Management Scope

Search the matching devices and set management status of the

Chapter 3 User Group management

User Group Management

The functions of user group management are as follows:

Create User Group Assign User Group Operation Right

Assign User Group Management Right

Create User Group

Create new user group of the NMS.

Assign User Group Operation Right

Authorize or prohibit the user groups to conduct or from

Assign User Group Management Right

Authorize or prohibit the user groups to manage or from

Add User Group Member

Add User to User Group

Chapter 3 User Group management

Operation Set Management

The functions of operation set management are as follows:

Create Operation Set Configure Operation Set Member

Assign User Operation Right

Create Operation Set

Create operation set according to the object type.

Configure Operation Set Member

Add or delete operation members in the operation set.

Assign User Operation Right

Authorize or prohibit the user to conduct or from conducting the

Check Operation Set Assignment