Cisco Cisco Packet Data Interworking Function (PDIF)
Command Line Interface Overview
CLI Administrative Users ▀
Command Line Interface Reference, StarOS Release 16 ▄
127
Table 3. User Privilege to User Type Mapping
User Type as Defined by T1.276-2003
Local-User Level User
Context-Level User
System Security Administrator
Security Administrator
Administrator
Application Security Administrator
Security Administrator
Administrator
System Administrator
Administrator
Config-Administrator
Application Administrator
Administrator
Config-Administrator
Application User/Operator
Operator
Operator
not applicable
Inspector
Inspector
Configure context-level administrative users in the Context Configuration Mode with the administrator, config-
administrator, operator, and inspector commands.
administrator, operator, and inspector commands.
Configure local-user administrative users at the Global Configuration Mode with the local-user username command.
You can further refine administrative levels to include access to certain features with the following feature-use
administrative user options:
administrative user options:
Lawful Intercept (LI) Administrative User: To configure and manage LI-related issues, configure at least one
administrative user account with LI functionality privileges.
Important:
This privilege is available only for context-level administrative users. In addition, to ensure security
in accordance with the standards, LI administrative users must access the system through the Secure Shell Protocol
(SSH).
(SSH).
Enhanced Charging Service (ECS) Administrative User: To log in and execute ECS-related commands,
configure at least one administrative user account with ECS functionality privileges.
All system users can be configured within any context. However, it is recommended that you configure users in the
system’s management context called local. Refer to sections later in this chapter for additional information about
contexts.
system’s management context called local. Refer to sections later in this chapter for additional information about
contexts.
Allowed Commands per User Type
With the exception of security administrators, all other management users are limited to a subset of the entire command
list. This section defines the commands allowed for each management user type.
list. This section defines the commands allowed for each management user type.
Inspector Mode Commands
In the Exec Mode, system inspectors can access the following commands:
abort
autoconfirm
context
crypto-group
default terminal