Configuring user access control – Digi CM User Manual

Configuring User Access Control

64

Chapter 7

Configuring User Access Control

Another method to control access to the serial ports on the Digi CM is through
the User Access Control configuration. This configuration can be done on a
per port basis or globally by selecting the All Ports option. It is not necessary to
have users added to the system to assign rights. However, for the permissions
or restrictions to be enforced, the username must match exactly or the
application will not recognize any misspellings and is also case-sensitive. If
you want to add users, click on "System administration > Users
administration". For more details how to add users refer to "Administering
Users" on page 59.

Note:

Users do not need to be authenticated locally; they can be users on any

configured authentication server.

An administrator can choose either one of two strategies to assign rights to a port:

•

allowing “everyone” access to a port and then restricting access to certain
users or

•

specifying every user that has right to a port.

If <<everyone>> is checked, all users configured locally or that are using a
remote authentication mechanism like LDAP or Kerberos have access to this
port. If <<everyone>> is not checked, everyone allowed to access this port
needs to be listed.

When entering usernames for access permission or restrictions, the username
must be entered exactly as the username found on the remote authentication
server or configured locally. The username is case sensitive.

In the following example, there are three users configured on a Digi CM: Jeff,
Tim and Paul.

If you want to give Tim and Paul read/write access and power access to this
port, you could either

JOE

MIKE