Cisco Cisco Expressway 관리 매뉴얼
Field
Description
Usage tips
Web
access
access
Determines whether members of this group are
allowed to log in to the system using the web interface.
allowed to log in to the system using the web interface.
Default: Yes
API
access
access
Determines whether members of this group are
allowed to access the system's status and
configuration using the Application Programming
Interface (API).
allowed to access the system's status and
configuration using the Application Programming
Interface (API).
Default: Yes
This controls access to the XML and REST
APIs by systems such as Cisco TMS.
APIs by systems such as Cisco TMS.
State
Indicates if the group is enabled or disabled. Access
will be denied to members of disabled groups.
will be denied to members of disabled groups.
If an administrator account belongs to more
than one administrator group with a
combination of both Enabled and Disabled
states, their access will be Enabled.
than one administrator group with a
combination of both Enabled and Disabled
states, their access will be Enabled.
Determining the access level for accounts that belong in multiple groups
If an administrator account belongs to more than one administrator group, the effective settings for Access
level, Web access and API access will be the highest of each group to which the account belongs. Any
groups in a disabled state are ignored.
level, Web access and API access will be the highest of each group to which the account belongs. Any
groups in a disabled state are ignored.
For example, if the following groups were configured:
Group name
Access level
Web access
API access
Administrators
Read-write
-
-
Region A
Read-only
Yes
-
Region B
Read-only
-
Yes
Region C
Read-only
Yes
Yes
the following table shows examples of the access permissions that would be granted for accounts that
belong in one or more of those groups:
belong in one or more of those groups:
Groups belonged to
Access permissions granted
Administrators and Region A
read-write access to the web interface but no API access
Administrators and Region B
read-write access to the API interface, but no web interface access
Administrators and Region C
read-write access to the web and API interfaces
Region A only
read-only access to the web interface and no API access
Cisco Expressway Administrator Guide (X8.1)
Page 167 of 344
User accounts
Configuring remote account authentication using LDAP