Cisco Cisco Prime Network Registrar 8.1 User Guide
Cisco Prime Network Registrar IPAM 8.1.1 User Guide
32 Administrator Maintenance
For example, assume an Administrator is assigned to Role A and Role B. Role A is defined to
be authorized for “Container Maintenance”, while Role B is not authorized for this. The
effective right is that the Administrator is authorized for “Container Maintenance”.
3.9.6 Access Control List
For the Access Control Lists, the rule is that if the action on a specific Container (or Block) is
For the Access Control Lists, the rule is that if the action on a specific Container (or Block) is
authorized for any role assigned to the Administrator, then that action on that Container (or
Block) is authorized for the Administrator.
For example, assume an Administrator is assigned to Role A and Role B. Role A is defined to
For example, assume an Administrator is assigned to Role A and Role B. Role A is defined to
be authorized to Read and Write to Container “Region A”, while Role B is authorized for only
Read access to “Region A”. The effective right is that the Administrator is authorized to Read
and Write for the “Region A” container.
3.9.7 Block Type Access
For the Block Type Access, the rule is that if access is granted for a Block Type for any role
For the Block Type Access, the rule is that if access is granted for a Block Type for any role
assigned to the Administrator, then that access is granted to that Block Type for the
Administrator.
For example, assume an Administrator is assigned to Role A and Role B. Role A is defined to
For example, assume an Administrator is assigned to Role A and Role B. Role A is defined to
be authorized for Block Types “Any” and “Loopback”, while Role B is authorized only for
Block Type “Point to Point”. The effective right is that the Administrator is authorized for
“Any”, “Loopback”, and “Point to Point”.
3.9.8 Device Type Access
For the Device Type Access, the rule is that if access is granted for a Device Type for any role
For the Device Type Access, the rule is that if access is granted for a Device Type for any role
assigned to the Administrator, then that access is granted to that Device Type for the
Administrator.
For example, assume an Administrator is assigned to Role A and Role B. Role A is defined to
For example, assume an Administrator is assigned to Role A and Role B. Role A is defined to
be authorized for Device Types “PC” and “Printer”, while Role B is authorized for only for
Device Type “Router”. The effective right is that the Administrator is authorized for “PC”,
“Printer”, and “Router”.
3.9.9 Policies
For the Policies, the rule is that the most restrictive policy defined for any role assigned to the
For the Policies, the rule is that the most restrictive policy defined for any role assigned to the
Administrator will be honored.
For example, assume an Administrator is assigned to Role A and Role B. Role A is defined to
For example, assume an Administrator is assigned to Role A and Role B. Role A is defined to
be authorized for “Allow Command Line Interface Access” and the “Allow Duplicate
Hostnames Checking” policy is set to “Fail”, while Role B is not authorized for “Command
Line Interface Access” and the “Allow Duplicate Hostnames Checking” is set to “Warn”. The
effective policies are that the Administrator is
not authorized for Command Line Interface
Access and the Duplicate Hostnames Checking policy will be to “Fail”.