Creating appliance user accounts – Cisco ACE XML OL-13877-01 User Manual
Page 2
11-60
Cisco ACE XML Gateway Administration Guide
OL-13877-01
Chapter 11 Miscellaneous Administrative Tasks
Creating Appliance User Accounts
Creating Appliance User Accounts
There are several types of user accounts in the system. Manager user accounts provide access to the ACE
XML Manager web console interface.
Another type of user account is used for accessing the ACE XML appliance command-line environment.
These accounts, called operating system accounts, enable access to terminal sessions on the appliance,
whether locally using a console connected to the appliance or remotely using secure shell (SSH).
Each ACE XML appliance includes the built-in
root
account. The
root
user has broad privileges for
performing operations on the ACE XML appliance. For security purposes, it is essential that access to
the
root
account is controlled carefully. You can create additional login accounts to allocate limited
administrative privileges to the appliance. User accounts also make it easier to audit configuration
changes.
There are two types of user accounts for the appliance:
•
Developer users access the appliance to install SDK extension
•
Operator users access the appliance to roll and retrieve log files
Notice that the privileges in either case are very restrictive. For example, the menu-driven Shell interface
is not available for either type of user. In both cases, they are restricted to the tasks listed.
To create a new login account on the ACE XML appliance:
Step 1
Log into the appliance shell as the
root
user.
Step 2
In the Main Menu, choose the Advanced Options item.
Step 3
Choose the Run Bash option on the Advanced Options page.
Step 4
At the
bash
prompt, create one of the two user types as follows:
•
To create an operator user, enter the following command:
reactivity-operator-add
[username]
“[description]”
where:
–
[username]
is the login name of the new operator user.
–
[description]
is a brief description of the account's purpose.
•
To create a developer user, enter the following command:
reactivity-developer-add
[username]
“[description]”
where:
–
[username]
is the login name of the new user.
–
[description]
is a brief description of the account.
Be sure to enclose the description with the double-quote character (") to ensure that the shell reads it
correctly.
Step 5
Enter a password for the new account. When prompted, confirm the password by entering it again.
The new user can now log in to the shell interface.
Step 6
Type
exit
to return to the administration menu.