Command access rules, Table 7, Deleting a role – Brocade Network OS NETCONF Operations Guide v4.1.1 User Manual


Network OS NETCONF Operations Guide

53-1003231-02


Deleting a role

To delete a role, perform the following steps.

1. Issue the <edit-config> RPC to configure the <role> node in the urn:brocade.com:mgmt:brocade-aaa namespace.

2. Under the <role> node, include the <name> node element, and include the delete operation in the element tag.

3. Under the <name> node, include the <name> leaf element and specify the name of the role you want to delete.

<?xml version="1.0" encoding="UTF-8"?>
<rpc message-id="809" xmlns="urn:ietf:params:xml:ns:netconf:base:1.0">
  <edit-config>
    <target>
      <running/>
    </target>
    <config>
      <role xmlns="urn:brocade.com:mgmt:brocade-aaa">
        <name xmlns="urn:ietf:params:xml:ns:netconf:base:1.0"
              operation="delete">
          <name>VLANAdmin</name>
        </name>
      </role>
    </config>
  </edit-config>
</rpc>

<rpc-reply message-id="809" xmlns="urn:ietf:params:xml:ns:netconf:base:1.0">
  <ok/>
</rpc-reply>
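The following Python is an added example, not code from the Brocade guide: it builds the delete-role request in the same shape as the RPC shown above and accepts the reply only when it carries the matching message-id and <ok/>. The function names and the role-name pattern are assumptions made for illustration; opening the NETCONF session is out of scope.

```python
import re
import xml.etree.ElementTree as ET
from xml.sax.saxutils import escape

BASE_NS = "urn:ietf:params:xml:ns:netconf:base:1.0"
AAA_NS = "urn:brocade.com:mgmt:brocade-aaa"
# Assumption: a conservative allowlist for role names; the device's own
# naming rules are not stated on this page.
ROLE_NAME_RE = re.compile(r"[A-Za-z][A-Za-z0-9_-]{0,31}")

def build_delete_role_rpc(role_name: str, message_id: int) -> str:
    """Return the <edit-config> delete request for one role (hypothetical helper)."""
    if not ROLE_NAME_RE.fullmatch(role_name):
        # Reject markup or whitespace so a caller-supplied name cannot add nodes.
        raise ValueError(f"refusing unsafe role name: {role_name!r}")
    return (
        '<?xml version="1.0" encoding="UTF-8"?>\n'
        f'<rpc message-id="{int(message_id)}" xmlns="{BASE_NS}">\n'
        '  <edit-config>\n'
        '    <target><running/></target>\n'
        '    <config>\n'
        f'      <role xmlns="{AAA_NS}">\n'
        f'        <name xmlns="{BASE_NS}" operation="delete">\n'
        f'          <name>{escape(role_name)}</name>\n'  # escape: defence in depth
        '        </name>\n'
        '      </role>\n'
        '    </config>\n'
        '  </edit-config>\n'
        '</rpc>\n'
    )

def reply_confirms(reply_xml: str, message_id: int) -> bool:
    """True only for an <rpc-reply> with our message-id, <ok/>, and no <rpc-error>."""
    root = ET.fromstring(reply_xml)
    if root.tag != f"{{{BASE_NS}}}rpc-reply":
        return False
    if root.get("message-id") != str(message_id):
        return False  # reply belongs to a different request
    if root.find(f"{{{BASE_NS}}}rpc-error") is not None:
        return False
    return root.find(f"{{{BASE_NS}}}ok") is not None

# Constructed sample reply, same shape as the one shown above.
SAMPLE_REPLY = f'<rpc-reply message-id="809" xmlns="{BASE_NS}"><ok/></rpc-reply>'

if __name__ == "__main__":
    print(build_delete_role_rpc("VLANAdmin", 809))
    print(reply_confirms(SAMPLE_REPLY, 809))
```

Because a role deletion changes who is authorized to run commands, log the request and the confirmed reply together with the operator identity.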

Command access rules

Command authorization is defined in terms of an ordered set of rules that are associated with a
role. Each rule restricts a role to an access mode (read-only or read-write) and can additionally
permit or reject specified command groups or individual commands. You can associate multiple
rules with a given user-defined role, but you can associate only one role with any given user
account.

To specify a rule, you must specify at least three mandatory attributes: a rule index number, the role
to which the rule should apply, and the command that is defined by the rule.

Table 7 describes the rule attribute details.

TABLE 7   Rule attributes

Parameter   Description
index       A numeric identifier of the rule in the range between 1 and 512.
role        The name of the role for which the rule is defined.
command     The command for which access is defined.
