Citrix Systems CITRIX NETSCALER 9.3 Benutzerhandbuch
Table 1-1.
Built-in Command Policies
Policy name
Allows
read-only
Read-only access to all show commands
except show runningconfig, show
ns.conf, and the show commands for
the NetScaler command group.
except show runningconfig, show
ns.conf, and the show commands for
the NetScaler command group.
operator
Read-only access and access to
commands to enable and disable services
and servers or place them in
ACCESSDOWN mode.
commands to enable and disable services
and servers or place them in
ACCESSDOWN mode.
network
Full access, except to the set and unset
SSL commands, sh ns.conf, sh
runningconfig, and sh gslb
runningconfig commands.
SSL commands, sh ns.conf, sh
runningconfig, and sh gslb
runningconfig commands.
superuser
Full access. Same privileges as the
nsroot user.
nsroot user.
Creating Custom Command Policies
Regular expression support is offered for users with the resources to maintain more
customized expressions, and for those deployments that require the flexibility that
regular expressions offer. For most users, the built-in command policies are sufficient.
Users who need additional levels of control but are unfamiliar with regular expressions
may want to use only simple expressions, such as those in the examples provided in this
section, to maintain policy readability.
customized expressions, and for those deployments that require the flexibility that
regular expressions offer. For most users, the built-in command policies are sufficient.
Users who need additional levels of control but are unfamiliar with regular expressions
may want to use only simple expressions, such as those in the examples provided in this
section, to maintain policy readability.
When you use a regular expression to create a command policy, keep the following in
mind.
mind.
w
When you use regular expressions to define commands that will be affected by a
command policy, you must enclose the commands in double quotation marks. For
example, to create a command policy that includes all commands that begin with
show, type the following:
"^show .*$"
command policy, you must enclose the commands in double quotation marks. For
example, to create a command policy that includes all commands that begin with
show, type the following:
"^show .*$"
To create a command policy that includes all commands that begin with rm, type
the following:
the following:
"^rm .*$"
w
Regular expressions used in command policies are not case sensitive.
The following table lists examples of regular expressions:
Chapter 1
Authentication and Authorization
28