Alcatel Carrier Internetworking Solutions omniswitch User Manual

Managing Switch User Accounts

Configuring Privileges for a User

OmniSwitch 6600 Family Switch Management Guide

page 7-11

To configure privileges for a user, enter the user command with the read-only or read-write option and 
the desired CLI command domain names or command family names. The read-only option provides 
access to show commands; the read-write option provides access to configuration commands and show 
commands. Command families are subsets of command domains.

If you create a user without specifying any privileges, the user’s account will be configured with the privi-
leges specified for the default user account.

Command domains and families are listed here: 

In addition to command families, the keywords all or none may be used to set privileges for all command 
families or no command families respectively.

An example of setting up user privileges:

-> user thomas read-write domain-network ip-helper telnet

User thomas will have write access to all the configuration commands and show commands in the 
network domain, as well as Telnet and IP helper (DHCP relay) commands. The user will not be able to 
execute any other commands on the switch.

Use the keyword all to specify access to all commands. In the following example, the user is given read 
access to all commands:

-> user lindy read-only all

Note. When modifying an existing user, the user password is not required. If you are configuring a new 
user with privileges, the password is required.

The default user privileges may also be modified. See 

.

domain-admin

file telnet dshell debug

domain-system

system aip snmp rmon webmgt config

domain-physical

chassis module interface pmm health

domain-network

ip rip ospf vrrp ip-routing ipms

domain-layer2

vlan bridge stp 802.1q linkagg ip-helper

domain-service

dns

domain-policy

qos policy

domain-security

session avlan aaa