Managing user groups – Nortel Networks 5500 series User Manual

Managing system users and groups

217

Managing user groups

All users must belong to at least one group. Only an administrator user
can add a new user account to the system, but any user can grant an
existing user membership in a group to which the granting user belongs.

By default, the administrator user is a member of all three built-in groups
(admin, oper, certadmin) and can therefore add a new user to any of
these groups. However, a certificate administrator, who is a member of
the certadmin group only, can add an existing user to the certadmin group
only.

If a user belongs to only one group and you want to change the user’s
group membership, add the user to the new group first, and then remove
the user from the old one.

If a user belongs to several groups, the first group, according to CLI
numbering, determines the enforcement filters and VLANs that are applied.

To set or change a user’s group assignment, access the Groups menu by
using the following command:

/cfg/sys/user/edit <username> /groups

The Groups menu appears.

The Groups menu includes the following options:

Table 49
Managing user groups

/cfg/sys/user/edit <username> /groups

followed by:

list

Lists all groups to which the user is currently
assigned, by group index number.

del <group index>

Removes the user from the specified group.

•

group index

is an integer indicating the

group index number

You must have administrator rights in order to
remove other users from groups.

add admin|oper|certadm

in

Assigns the user to one of the built-in groups
(admin, oper, certadmin).

Nortel Secure Network Access Switch

Using the Command Line Interface

NN47230-100

03.01

Standard

28 July 2008

Copyright © 2007, 2008 Nortel Networks

.