Cisco Cisco Expressway 관리 매뉴얼

Field

Description

Usage tips

Web
access

Determines whether members of this group are
allowed to log in to the system using the web interface.

Default: Yes

API
access

Determines whether members of this group are
allowed to access the system's status and
configuration using the Application Programming
Interface (API).

Default: Yes

This controls access to the XML and REST
APIs by systems such as Cisco TMS.

State

Indicates if the group is enabled or disabled. Access
will be denied to members of disabled groups.

If an administrator account belongs to more
than one administrator group with a
combination of both Enabled and Disabled
states, their access will be Enabled.

Determining the access level for accounts that belong in multiple groups

If an administrator account belongs to more than one administrator group, the effective settings for Access
level, Web access and API access will be the highest of each group to which the account belongs. Any
groups in a disabled state are ignored.

For example, if the following groups were configured:

Group name

Access level

Web access

API access

Administrators

Read-write

Region A

Read-only

Yes

Region B

Read-only

Yes

Region C

Read-only

Yes

the following table shows examples of the access permissions that would be granted for accounts that
belong in one or more of those groups:

Groups belonged to

Access permissions granted

Administrators and Region A

read-write access to the web interface but no API access

Administrators and Region B

read-write access to the API interface, but no web interface access

Administrators and Region C

read-write access to the web and API interfaces

Region A only

read-only access to the web interface and no API access

Cisco Expressway Administrator Guide (X8.1)

Page 167 of 344

User accounts

Configuring remote account authentication using LDAP